Red Canary report finds cyber incidents average $3.7 million per organization in 2025

Red Canary, a Zscaler company, released its annual Security Operations (SecOps) Trends Report, highlighting ongoing challenges faced by cybersecurity teams in 2025. The report, based on insights from 550 security leaders across multiple regions, found that despite increased security budgets, breaches and threats continue to grow.

According to the report, 80% of security leaders noted rising spending on cybersecurity, yet the incidence of attacks has not declined. The attack surface increased by 41% over the past year, contributing to longer detection and resolution times. A substantial 73% of leaders remarked that the time taken to resolve incidents has also increased.

Further findings indicated that 83% of security experts stated that attackers are acquiring access through legitimate means rather than direct breaches. This shift underscores the need for improved identity and access management strategies.

Another critical issue is the persistent skills shortage in the sector, with 75% of organizations reporting gaps in intrusion detection capabilities and 72% in incident response expertise. These gaps hinder the effectiveness of SecOps and response to threats.

Brian Beyer, Co-founder of Red Canary, emphasized the necessity for Chief Information Security Officers (CISOs) to incorporate Artificial Intelligence (AI) and automation tools that enhance the capabilities of security teams. Beyer stated, “They need to go all in on expert-supervised AI agents that support security analysts in threat detection, investigation, and response.” Homomorphic Encryption (HE) pointed out that while there is hype around AI, effective solutions must rely on practical outcomes rather than marketing pitches.

Regarding AI's role, the report revealed that 85% of professionals felt threatened by the missed opportunities for automation. However, 75% expressed concerns that reliance on AI could diminish their problem-solving capabilities.

In conclusion, security leaders acknowledged AI's current applications, including detection analytics and intrusion detection, but urge a cautious approach to avoid potential risks associated with AI-generated attacks. As the security landscape continues to evolve, organizations need to balance leveraging AI while addressing inherent risks.