MINNEAPOLIS — February 4, 2025 — Fortra, a global cybersecurity software and services provider, today released the results of the 2025 Fortra State of Cybersecurity Survey. This is the second year the company has published a comprehensive assessment of the global security challenges organizations face and the initiatives they are undertaking to address threats. The results show security professionals are up against a host of interrelated threats in the wake of tight budgets and the unknown impact of new technologies.
When asked to predict their top five security concerns for the coming year, respondents indicated phishing and smishing (83%), malware and ransomware (71%), social engineering (60%), accidental data loss and leakage (58%), and evolving technology such as generative AI (50%) were the most prevalent. Notably, unease about evolving technology is up 15% from 2024 due to the fast-increasing availability of new sites, tools and services driven by AI and similar functionality.
Combating these threats takes diligence and a targeted approach to cybersecurity. Over the next six to 12 months, security professionals plan to identify and close security gaps (77%), improve security culture and awareness (75%), and work to limit outsider threats like phishing and malware (73%).
“Phishing continues to be the most pervasive daily threat for companies around the world,” said Matt Reck, CEO of Fortra. “In fact, this attack vector is often the source of malware and ransomware, which seventy-one percent of these security professionals also identified as a top risk.”
Security leaders are always balancing the changing cybersecurity needs of their organization with the budget limitations they face. As forty-five percent identified a skills gap (up six points from 2024), this presents additional challenges and underscores the increasing reliance on managed services. Many organizations are looking to outsource penetration testing (60%), email security and anti-phishing (56%), and vulnerability management (47%) to decrease the operational burden on internal teams. This presents an effective way to meet compliance requirements like GDPR, PCI DSS, and HIPAA while freeing staff to focus on higher-value projects.
“These survey insights remind us that cybersecurity fundamentals remain essential to put threat actors on the defensive,” said Reck. “This means educating employees about how to spot and thwart phishing attempts and bolstering SOCs with automation to simplify the routine daily tasks associated with security diligence. We know threat actors look to AI as well as dark web capabilities to devise and launch new attacks. Organizations must be ready.”
When it comes to cyberattacks, one dramatic, year-over-year shift in this year’s results was the drop in perceived risk of zero-day attacks. These target unknown vulnerabilities and thus have no immediate remedy available when the incident is discovered. Thirty-eight percent of respondents considered the risk of these attacks a top-five challenge, down from 50% in the previous year’s findings.
Report Methodology/Respondent Profile
The 2025 Fortra State of Cybersecurity Survey encompasses responses from industry professionals spanning more than a dozen roles and a dozen industries. The top five sectors represented are technology, finance, government, manufacturing, and healthcare. Respondents hail from the U.S., Europe, Canada, the Middle East, Africa, Asia, India, Latin America, Australia, New Zealand, and the Caribbean.
Find additional insights and analysis in the full report.
About Fortra
Fortra is a cybersecurity company like no other. We're creating a simpler, stronger future for our customers. Our trusted experts and portfolio of integrated, scalable solutions bring balance and control to organizations around the world. We’re the positive changemakers and your relentless ally to provide peace of mind through every step of your cybersecurity journey. Learn more at fortra.com
Copyright © Fortra, LLC and its group of companies. Fortra™, the Fortra™ logos, and other identified marks are proprietary trademarks of Fortra, LLC.
Media Contact
Jessica Ryan, PR Manager
Fortra
[email protected]