Growing Cyber Risks Associated with Generative AI Drive Investment in AI Security Solutions

Around 73% of organizations are now investing in AI-specific security tools due to escalating concerns regarding the cyber risks associated with Generative AI (GenAI), as reported in the latest data analysis by Thales. This investment trend is being driven by either the allocation of new budgets or the reallocation of existing financial resources.

The data indicates that over two-thirds of organizations have procured these tools from their cloud service providers, while three in five are utilizing established security vendors. Additionally, nearly half of the organizations are exploring solutions from new or emerging startups. AI security has now become the second most significant area of security investment, trailing only cloud security.

Surveys reveal that approximately 70% of IT and security professionals view the fast-evolving GenAI ecosystem as the most pressing security challenge. This evolving environment entails new infrastructures, Software as a Service (SaaS) offerings, and autonomous agents. Other key security concerns highlighted include integrity, cited by 64% of respondents, and trustworthiness, noted by 57%. This comes at a time when one-third of organizations report being in the ‘integration’ or ‘transformation’ phase regarding their adoption of GenAI.

Eric Hanselman, Chief Analyst at 451 Research, emphasized the urgency faced by enterprises in navigating the swiftly changing GenAI landscape. Many organizations are deploying GenAI solutions more rapidly than they can fully comprehend their architectural applications, further complicated by the rapid adoption of SaaS tools that integrate GenAI capabilities.

Data Breach Incidents

The report also recorded that 45% of enterprises surveyed have experienced a data breach, reflecting a slight decline from 49% in 2024. Thales pointed out a gradual decrease in the number of organizations affected by breaches since 2021, when the figure stood at 56%. Only 14% of organizations reported a breach within the past year, down from 15% the previous year.

There is a notable correlation between achieving compliance and the occurrence of data breaches. In 2025, 78% of enterprises that failed compliance audits reported a history of breaches, in contrast to 21% of compliant organizations. The predominant attack vectors reported over the last year were malware, phishing, and ransomware.

Interestingly, many organizations are bolstering their security measures by adopting stronger authentication methods that move away from traditional passwords. Nearly 60% of respondents indicated their use of biometric authentication, while 47% are employing passwordless solutions, demonstrating a commitment to enhancing defenses against account compromise threats such as phishing and credential stuffing.

The report encompasses insights from over 3,000 IT and security professionals across 20 countries and 15 industries, reflecting the growing priority placed on AI security investments in tandem with cloud technologies.