Risk
We've curated 55 cybersecurity statistics about Risk to help you understand how organizations are identifying, assessing, and mitigating potential threats to their data and systems in 2025. Stay informed on best practices and evolving challenges!
Related Topics
Showing 1-20 of 55 results
44% of organizations say increased cyber risk is the top "Shadow AI" risk.
68% of technology leaders express concern that their AI agents will behave unpredictably.
82% of CISOs feel confident quantifying risk.
Boards most often ask CISOs for the following metrics: risk-reduction trendlines (51%), quantified business impact (47%), and incident-response performance metrics (40%).
72% of organizations across the U.S., U.K., France, Germany, and Australia reported that the security risks for their company have never been higher in 2025, marking a 17 point increase from 2024.
60% of companies globally now have a chief risk officer as of 2024, an increase from 52% over the past two years, indicating a growing recognition of risk management as a priority.
The percentage of companies globally that felt very prepared to manage AI risks has remained relatively flat over the past three years, with 9% in 2023, 8% in 2024, and 12% in 2025.
Only 10% of leaders expressed a lack of confidence in their risk management data in 2025, down from 16% in 2024, reflecting a six-point improvement in trust towards risk data.
23% of companies globally have a policy against using foreign AI models such as Deepseek in 2025.
16% of risk leaders admitted they cannot monitor and assess the risks of their critical third-party tech partners at all in 2024.
8% of risk leaders indicated they can assess and monitor their tier 1 partners, their suppliers, and their suppliers’ suppliers in 2024.
72% of companies globally do not have a policy for the use of generative AI by partners and suppliers as of 2025.
Only 28% of risk leaders reported an increase in technology budgets in 2024, a figure that has remained unchanged over the past three years.
26% of companies globally report having no policies, formal training, budgets, or dedicated plans to address AI risks in 2025.
Only 15% of companies globally have a budget specifically directed at mitigating AI-related risks in 2025, which is about the same percentage as last year.
45% of risk leaders reported that they can only assess and monitor their tier 1 tech partners.
In a comparison of executive roles, 34% of VP and C-level risk executives are not considering incorporating agentic AI into their operations, while only 20% of directors, managers, and below share this view, indicating a disconnect in AI adoption strategies.
Nearly two-thirds of risk leaders reported that their budgets have not changed at all this year.
Nearly 60% of risk leaders report that their companies are considering incorporating agentic AI solutions into their operations or products.
66% of risk leaders stated they have reviewed and updated their IT and cyber risk management strategy in response to major disruptions such as the Crowdstrike outage or MOVEit breach