Commissioned by TitanHQ
Published March 2025
Executive summary
Organizations across the world face relentless growth in cyberthreats, as criminal groups leverage new technologies for malicious ends. The application of AI for offensive cyberthreats has threat actors rubbing their hands in glee, and organizations are racing to fight emerging offensive AI with defensive AI. In most years, we see continued evolution in the design of new types of attacks and threats – with recent explorations by threat actors focusing on MFA bypass in phishing attacks, new types of BEC attacks, QR code phishing, and early forays into deepfakes. Incidents and data breaches usually follow.
This research study investigates the on-the-ground cyberthreat realities for firms with up to 1,000 employees. We surveyed 252 organizations in the United States, Canada, United Kingdom, and the European Union.
Discover the latest email security attack trends, new and emerging tactics, and real-world experiences from IT professionals.
Key findings include:
- Half of organizations experienced between two and four types of incidents during the previous 12 months.
- 64.3% expect the threat level of phishing attacks against their organization to rise this year.
- One in five organizations lost money through a business email compromise attack over the previous 12 months.
- 56.3% of respondents anticipate that the threat level of BEC attacks against their organization will increase in 2025.
- Offensive AI used by threat actors enables cyberattacks to become more sophisticated, voluminous, unique, and evasive.
- AI is the emerging innovation that respondents say offers the greatest potential boost to email security at their organization over the next 12 months.
- With continued degradation in the threat landscape anticipated over the next 12 months, organizations that don’t improve their readiness and defenses will be in a progressively worse position over time.