Radware, a global leader in application security and delivery solutions for multi-cloud environments, released its new report, 2025 Cyber Survey: Application Security at a Breaking Point. The survey reveals threat areas of rapidly growing concern as organizations’ cyber defenses lag well behind. This includes a major lack of protection against AI threats, as well as API and business logic attacks, among others.
“The weaponization of AI by malicious actors is intensifying cybersecurity threats and drawing even more attention to areas where companies are simply ill-protected,” said Shira Sagiv, Radware’s vice president of product portfolio. “Internal alarms should be sounding. Companies openly admit to major concerns about gaps in cyber protection and lack of readiness, especially around web applications and APIs; yet their usage continues to climb creating even more risk and exposure.”
Cyber Technology Insights : NordPass AIms to Solve the Password Sharing Mess in Companies With a New Feature
KEY FINDINGS
The scramble is on to catch up with AI
According to the report, the use of AI to improve and intensify hacking tradecraft is of greatest concern. Organizations have significant concerns about threat actors using AI to generate new attacks at a faster cadence, bypassing existing defenses and compromising areas that were previously too difficult to attack.
Top concerns: The following percentage of respondents are highly or extremely concerned about hackers using AI:
To create/improve hacking tools – 70%.
To generate a larger volume of cyberattacks – 67%.
To launch new zero-day attack vectors – 66%.
Large readiness gap: Despite the concerns about hackers embracing AI, only 8% of organizations are currently using AI-based solutions for defenses.
AI adoption: Four out of five organizations plan to implement AI-based cybersecurity solutions within the next 12 months.
Cyber Technology Insights : Strivacity and SDG Partner to Accelerate Modern, Secure Customer Identity Solutions
Security fails to keep up with sprawling API ecosystems
APIs are in a constant state of fluctuation. Organizations are increasing their use of APIs even while they remain ill-protected.
Surge in API usage and updates: In 2025, API usage is up 42% compared to the highest rate of usage in 2023, with multiple daily updates to APIs surging 6X during the same time frame.
Widespread third-party usage: On average, organizations are using 19 third-party APIs per application, which introduces new types of threats around data compromise that cannot be mitigated at a coding level.
Poor business logic attack mitigation: Business logic attacks, a common form of API attacks, represent a threat area of rapidly growing concern. While 81% of respondents say it is very or extremely important to have real-time protection measures in place:
Just half have deployed runtime business logic protections.
Only 29% have security staff fully trained to detect and mitigate these attacks.
Lack of preparedness:
Risks to resilience continue to rise
Survey respondents expressed a lack of confidence in the effectiveness of their defensive posture against growing threats.
Third-party breaches: Only 16% of respondents are confident in their current protection against data breach attempts of third-party services code running on their web applications.
Costly DDoS disruptions: Downtime caused by an application DDoS attack averages $6,100 per minute or $366,000 per hour.
High compliance pressures: An average of 54% of respondents express high or extreme concern about a range of regulations, including NIS2, HIPAA, SEC, PCI DSS 4, GDPR, DORA, and SOX.
Cyber Technology Insights : Genetec Brings Powerful New Capabilities to Security Center SaaS
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: globenewswire
