Global Survey Finds Cyber Incidents Cost Organizations $3.7M on Average in the Past Year

Red Canary report shows security leaders face rising pressure to combat threats and secure complex technology stacks despite increased investments

Key findings:

• Budgets rise, but challenges remain: 80% of security leaders say they're spending more than ever on security – yet breaches and threats keep growing.
• Detection delays widen the risk window: Security teams are struggling to keep up as the attack surface has widened by 41% in the past 12 months, while 73% of security leaders say the time from detecting an attack to resolution has increased.
• Safeguarding identities is a must: 83% of security leaders say today's attackers don't break in – they log in, and they're harder to stop than ever. Identity and access management isn't enough.
• Skills shortage continues: 75% of organizations have skills shortages around intrusion detection and 72% around incident response.

DENVER, Oct. 23, 2025 /PRNewswire/ -- Red Canary, a Zscaler company, today released its annual Security Operations Trends Report, providing insights into the critical challenges facing cybersecurity teams in 2025. Partnering with independent research company Coleman Parkes, Red Canary surveyed 550 security leaders from the US, UK, New Zealand, Australia, and Nordics. The survey shows that security operations center (SOC) teams continue to struggle with the challenges of securing cloud environments, identities, and AI technologies amid evolving threats, amplifying the risk and business impact of cyberattacks. Over the past year, security leaders estimate that, on average, cyber incidents cost their organization $3.7 million, with 46% suffering from an outage or disruption to their services as a consequence of attacks.

"CISOs, like their peers in lines of business, know they need to augment their teams with AI and automation, but finding security products and services that deliver actual value is hard amidst all the hype and empty marketing," said Brian Beyer, Co-founder of Red Canary. "They need to go all in on expert-supervised AI agents that support security analysts in threat detection, investigation, and response, with the focus on proven solutions powered by LLMs trained on real-world data to deliver unmatched speed and accuracy – not just the latest shiny tool or a legacy vendor repackaging itself as AI."

The role of AI in shaping future defense

AI is no longer an emerging technology – it's already become integral to security operations. In fact, 85% of security leaders say the real risk is being overwhelmed by the thousand missed threats that will get through if they don't automate more. However, security leaders are also weighing its advantages against the risks, citing the rise of AI-generated attacks that haven't been seen before as their top concern.

Further findings include:

• AI fears are exaggerated, but risks are real: 78% of security leaders say the talk of AI releasing a tidal wave of novel attacks is fear mongering, but 43% have already experienced an incident relating to their own AI tools.
• AI is already at work: Top AI use cases in security operations today include detection analytics (65%), intrusion detection (59%), and SIEM management (54%).
• Caution for the future: 75% of security leaders worry that while AI helps security teams work faster, it could ultimately reduce their ability to solve problems independently.

"AI is already transforming how security teams operate," said Beyer. "SOC teams are under immense pressure, and AI is giving security analysts the ability to cut through noise and respond to threats faster. AI works best as a force multiplier, augmenting human judgment rather than replacing it. The organizations that lean into this shift now will not only ease the strain on security analysts, but put themselves in the best position to anticipate emerging threats and stay ahead of disruption in an increasingly unpredictable environment."

Methodology

This research was conducted by Coleman Parkes as an online survey of individuals with decision-making responsibility for data tooling for cybersecurity solutions. Coleman Parkes surveyed 300 respondents in the US, 100 in the UK, 100 in Australia and New Zealand, and 50 in the Nordics from a cross-section of organizations with more than 1,000 employees.

About Red Canary, a Zscaler company
Red Canary is a leader in managed detection and response (MDR). We serve companies of every size and industry, focusing on finding and stopping threats before they can have a negative impact. As the security ally for nearly 1,000 organizations, we provide MDR across our customers' cloud workloads, identities, SaaS applications, networks, and endpoints. For more information about Red Canary, visit: https://www.redcanary.com.

About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across 160+ data centers globally, the SASE-based Zero Trust Exchange™ is the world's largest in-line cloud security platform.

SOURCE Red Canary