Published November 2025

Executive summary

While 71% of organizations feel their readiness programs are mature, our new report reveals a troubling disconnect: key performance metrics have flatlined year-over-year. This is the “Readiness Rut,” a dangerous gap between perceived readiness and actual capability.

Combining industry-wide survey data with performance metrics from millions of real-world cyber exercises, the 2025 Cyber Workforce Benchmark Report is the definitive look at the state of cyber resilience today. It provides the data-driven diagnosis you need to identify hidden risks, benchmark your teams, and build a truly resilient workforce.

Immersive’s report draws from:

• An Immersive commissioned survey with Osterman Research of 500 cybersecurity leaders and practitioners in the U.S. and U.K. (August–September 2025), capturing how organizations perceive and measure readiness.
• Anonymized performance data within the Immersive One platform (July 2024–June 2025), representing millions of hands-on labs across industries.
• Results from Immersive’s “Orchid Corp” crisis simulation, involving 187 professionals across 11 drills in 9 cities, measuring real-world decision-making and containment under pressure.
• Analysis of the Immersive Resilience Score, a benchmark that quantifies readiness across people, process, and technology by measuring decision accuracy, response time, framework alignment, and adaptability to new threats. The score applies to all Immersive users, subject to eligibility, as customers must have the relevant product to be evaluated on each corresponding factor.

Published October 2025

Executive summary

AI is no longer a future disruptor – it’s a present reality. But as adoption accelerates, trust in AI outputs is eroding. Organizations realize that without strong governance, resilient data strategies, and a commitment to quality, AI can just as easily become a liability as a competitive advantage.

Building on AvePoint’s 2024 report, the 2025 report tracks the evolution from AI experimentation to enterprise-wide enablement. The findings revealed that despite widespread AI adoption efforts, critical operational gaps persist around data security and quality, with these foundational issues delaying AI rollouts by up to a year for three-quarters of organizations.

Key takeaways:

• AI rollouts stall before takeoff. 86% of organizations delayed AI deployments by up to a year due to security and data quality concerns.
• AI security incidents are too common. 75% experienced at least one AI-related breach in the past year, primarily due to oversharing sensitive employee or customer data.
• AI data frameworks exist – but fail to deliver. While 90% of organizations claim to have an information management framework, only 30% say it classifies and protects data effectively.
• AI training alone won’t fix trust. 99.5% have invested in AI literacy, but inaccurate outputs and hallucinations still erode employee judgment and decision-making.
• AI customer impact falls short. Organizations say enhancing customer insights and personalization is their top AI goal – yet there is a 5.8% gap between what they hope to achieve and what they actually do.

Published August 2025

Executive summary

Threats against identities and their protections are worsening. Cybercriminals are more interested in stealing and abusing compromised credentials, organizations often can’t detect exposed credentials on the dark web, and visibility into the actions and behaviors of service accounts is lacking. Threat actors are increasingly leveraging social engineering for compromising credentials. Internally, most organizations lack the optics and processes to detect identity-led threats.

New identity security solutions are emerging to protect identities—both human and non-human—by layering additional protections on identity and access management tools. These include solutions for visibility, governance, and autonomous remediation. While the organizations in this research claim high maturity for current identity security deployments, evidence of high maturity is lacking for most. All organizations must urgently revisit their identity security protections, deploy new or advanced solutions to strengthen identity security posture, and reduce exposure to the negative implications of identity-led threats.

Request a copy

Published June 2025

Executive summary

The rising menace of AI weaponized by threat actors has stormed onto the scene, dampening confidence in application security protections and threatening a renewed onslaught of attacks against applications. Indispensable application design constructs developed internally and across the supply chain remain ill-protected, even as usage relentlessly increases and threats multiply. Visibility into threats and security weaknesses is too low, and many organizations lack sufficient protections against new AI threats and business logic attacks, among others.

Key takeaways:

• AI-powered cyberthreats spark high concern, rapid response
• Applications are under attack from all directions
• New attacks against APIs exploit logic vulnerabilities
• Use of third-party service APIs is widespread, but not fully understood
• Application DDoS attacks are disruptive and costly

Published April 2025

Executive summary

Over the last 12 months, there is one word that best describes the cyber threat landscape: velocity.

The speed of cyber threats created an urgent and pressing need for CISOs to respond, as cybercriminals continued to leverage generative AI to increase the volume and velocity of attacks, leaving enterprises on the defense against increased threat activity.

In response, enterprises are prioritizing strategies to respond to threats, invest in security tools, mitigate the cybersecurity skills gap and integrate AI responsibly.

In fact, threat actors are now breaking out into networks faster than ever, according to CrowdStrike, with adversaries moving laterally across a compromised network in 48 minutes on average, with 51 seconds breaking the all-time low record as the fastest time ever recorded.

Security leaders expressed serious concerns that “if we fail [to adapt] … the losses will be immeasurable.”

High-profile breaches and zero-day exploits continue to dominate headlines, while enterprise security teams remain under-resourced from a team, technology and budget standpoint. This forces organizations to make strategic investments to combat the speed, scale and complexity of attacks. The good news? It seems to be working.

AI is both cybersecurity’s biggest threat and most promising savior. Three of the top six challenges related to AI this year, lead by AI-driven cyber attacks (#1), in addition to AI defenses (#5) and generative AI (#6). On the defense side, 77% of CISOs were confident in the future potential of AI to improve their security posture this year, with 75% of firms expressing interest in leveraging AI agents to automate SOC investigations using AI agents by triaging large volumes of security alerts.

As AI dominates both sides of the threat landscape, Scale Venture Partners conducts ongoing research to understand CISO challenges and evolving security solutions. Now in its 12th year, this year’s report consolidates perspectives from CISOs, CIOs, VPs, directors, and IT managers.

Scale Venture Partners commissioned Everclear Marketing and Osterman Research to conduct a survey of 301 security leaders in the United States who are responsible for buying decisions, the success of security deployments, or the overall security of the company.

See also:

• Scale VP’s blog post on the 2025 report.

Published March 2025

Executive summary

Organizations across the world face relentless growth in cyberthreats, as criminal groups leverage new technologies for malicious ends. The application of AI for offensive cyberthreats has threat actors rubbing their hands in glee, and organizations are racing to fight emerging offensive AI with defensive AI. In most years, we see continued evolution in the design of new types of attacks and threats – with recent explorations by threat actors focusing on MFA bypass in phishing attacks, new types of BEC attacks, QR code phishing, and early forays into deepfakes. Incidents and data breaches usually follow.

This research study investigates the on-the-ground cyberthreat realities for firms with up to 1,000 employees. We surveyed 252 organizations in the United States, Canada, United Kingdom, and the European Union.

Discover the latest email security attack trends, new and emerging tactics, and real-world experiences from IT professionals.

Key findings include:

• Half of organizations experienced between two and four types of incidents during the previous 12 months.
• 64.3% expect the threat level of phishing attacks against their organization to rise this year.
• One in five organizations lost money through a business email compromise attack over the previous 12 months.
• 56.3% of respondents anticipate that the threat level of BEC attacks against their organization will increase in 2025.
• Offensive AI used by threat actors enables cyberattacks to become more sophisticated, voluminous, unique, and evasive.
• AI is the emerging innovation that respondents say offers the greatest potential boost to email security at their organization over the next 12 months.
• With continued degradation in the threat landscape anticipated over the next 12 months, organizations that don’t improve their readiness and defenses will be in a progressively worse position over time.

Published March 2025

Executive summary

CISOs and CIOs are prioritizing cloud infrastructure security, internal cybersecurity talent, and the ethical control of data in 2025. The threat environment continues to change, with AI-driven cyberthreats escalating the potential damages on the offensive side in parallel with tightening cybersecurity insurance requirements forcing a recalibration of the defensive side.

More organizations are experiencing a higher number of cybersecurity incidents each year, which drives the need to re-assess the efficacy of current posture against the organization’s desired standard of performance. Having done so, the CISOs and CIOs in this research are investing in protections to shore up the critical areas above. In addition to the overall prioritization of cybersecurity areas, we offer a more nuanced analysis of CISO and CIO priorities within the areas of applications, cloud platforms and services, identities, and data.

Request a copy

Published December 2024

Executive summary

Today’s organizations seek marketplace success in collaboration with an ecosystem of supply chain partners while using hundreds or even thousands of applications. Unifying systems and apps across the supply chain ecosystem enables organizations to orchestrate experiences that delight customers and employees alike — keeping customers coming back for more and employees engaged in productive work.

Orchestrating these experiences requires organizations to contend with an ever-changing mix of organizational, regulatory, business and technology forces. To account for and embrace this dynamic change environment, organizations must fully embrace automation and orchestration technologies to achieve speed, eliminate errors, and delight customers, trading partners, and employees for true competitive advantage.

Leveraging automation and orchestration technologies enables businesses to seamlessly combine data from across their ecosystem — and more importantly, to act on it in real-time. This 360-degree visibility allows organizations to rapidly identify shifts in demand, optimize supply chain performance, and respond to changing customer preferences. A unified, enterprise-wide approach allows companies to maximize operations, make data-driven decisions and increase speed to market.

Published November 2024

Executive summary

The cyberthreat landscape is transforming rapidly as threat actors exploit artificial intelligence (AI) to drive attack sophistication and evasion techniques. As a result, security leaders are increasingly turning to AI-powered defensive tools to effectively combat the growing volume and sophistication of AI-enabled attacks.

This report explores the evolving use of AI in both offensive and defensive cybersecurity operations, providing actionable insights based on recent survey data from 125 security leaders in the United States. Three conclusions stand out:

• AI is already a key enabler of advanced cyberattacks. Attackers are leveraging AI to automate and scale attacks, increase the evasion of current security controls, and accelerate attack velocity. Generative AI in particular is giving attackers the ability to create highly targeted, polymorphic phishing campaigns and more sophisticated malware strains that evade detection.
• Defenders are moving quickly but face challenges. While 80% of security leaders agree that AI is essential for countering malicious AI, the deployment of effective AI defenses remains uneven. Defensive AI technologies like behavioral analysis and semi-supervised machine learning are gaining traction, but cybercriminals maintain a clear lead in areas like generative adversarial networks (GANs).
• AI’s impact on cybersecurity professionals is transformative. AI offers the potential to automate routine tasks, freeing cybersecurity professionals to focus on strategic initiatives such as threat hunting, incident response, and defense hardening. However, there is still work to be done in integrating AI into a cohesive long-term cybersecurity strategy, with only 70.4% of leaders ranking strategic alignment as a high priority.

Request a copy

Published October 2024

Executive summary

Security operations centers (SOCs) play a critical vanguard role in defending organizations against offensive security threats. For the SOCs in this research, the number of security alerts continue to increase—and this is without full visibility of their attack surface. Alert volume is only going to worsen as threat actors make increasing use of AI to power the next generation of novel and sophisticated cyberattacks. Organizations are fully cognizant that the technical innovations that have driven increased SOC performance in recent years will not sustain performance against the next wave of AI-powered attacks.

Counteracting emerging sophisticated threats and driving the next horizon of effectiveness and efficiency for the modern SOC require organizations to take a much more proactive approach in adopting AI-powered defenses, including behavior analysis, threat detection against baseline deviations, and alert triage.

Request a copy