Compliance und Risiko
Cyber Risk Management: Defenders Tell It Like It Is
Based on more than 3,000 responses from cybersecurity professionals in nearly 90 countries, our Trend Micro Defenders Survey Report 2025 shines a bright light on the current state of cyber risk management. From the impact of cloud and AI on IT environments to top technical and human challenges, this year’s findings have a lot to say about the pressures security teams are under and what organizations are doing to tighten their grip on cyber risk.
Save to Folio
Every year, members of the Trend team pack their bags, blow up their neck pillows, and jet off to share cybersecurity insights with customers and industry leaders across the globe as part of our Trend World Tour. In 2024, we decided to make the event more of a two-way conversation by surveying cybersecurity professionals on the challenges they face and what matters to them.
The result was our first-ever Trend Micro Defenders Survey Report, a data-driven account of frontline perspectives on key issues and emerging opportunities for cybersecurity professionals. It was so well received, we repeated the exercise in 2025, tripling the scope with more than 3,000 responses from 88 countries.
This time around, we heard from cybersecurity managers and leaders, as well as individuals in a range of hands-on roles, from security configuration to cloud security and threat detection and response. The resulting Trend Micro Defenders Survey Report 2025 paints a vivid picture of the realities cybersecurity teams are up against and the emerging importance of taking a holistic, strategic approach to cyber risk management.
In this blog, we share some of the top-level findings, with follow-ups planned to drill down into the details.
Cloud and AI are key cyber risk factors
One of the first findings to jump out of this year’s survey is that there’s really no enterprise IT without cloud and AI these days, and both do double duty as business enablers and sources of risk.
A clear majority of respondents—58%—say they depend on hybrid cloud resources to meet their IT needs, with 41% adding that hybrid configurations will be essential to achieving their plans for AI adoption. The message seems to be that flexibility is crucial. Organizations want to balance the cost benefits of public cloud offerings with the control of on-premises IT resources. Once enterprises move IT into the cloud, they tend to stay there. Just 2% of respondents say they’ve repatriated systems back to on-premises deployments after migrating to the cloud.
While cloud plays a critical role in many organizations’ plans for AI, security professionals continue to be wary of bad actors leveraging and targeting AI in novel attacks. When asked for their top AI-related cybersecurity priorities, more than a quarter said their big concern is defending against AI-driven impersonation and fraud perpetrated with the help of audio and video deepfakes. Business email compromise schemes are another top-of-mind area of AI fraud.
Application attacks and data and intellectual property leaks round out the list of AI-related security priorities alongside getting a better grip on employees’ use of AI tools, both sanctioned and unsanctioned, and strengthening data governance.
Cyber risk management is a challenge for SecOps
To manage risk, you have to be able to see it. Cloud environments generally and hybrid cloud in particular can make that difficult. In our Trend Micro Defenders Survey Report 2025 respondents confirmed this, with nearly 20% saying cloud assets are hardest to keep an accurate, up-to-date inventory on, followed by remote and hybrid work assets, network infrastructure, and identities, endpoints, and mobile devices.
Security operations (SecOps) teams have other concerns as well when it comes to cyber risk management, two big ones being data protection and identity. Both are implicated in cybersecurity broadly and with respect to AI in particular. AI can be a source of inadvertent data exposures and, as more automated agents start to play a role in AI services, it will become increasingly critical to ensure they are who they say they are.
The main tactics relied on to protect data include traditional methods like data loss prevention (DLP) and email/content filtering, though more advanced, layered approaches are gaining traction, including data detection and response (DDR), secure service edge (SSE) solutions, and data security posture management (DSPM). Somewhat surprisingly, 5% of survey respondents say they have no formal data protection tools, a significant liability.
Where identities are concerned, cybersecurity tools of choice include multi-factor authentication (MFA), identity and access management (IAM), SSE again, and approaches like attack surface management (ASM) and continuous threat exposure management (CTEM).
A further concern, especially given the areas of specific concern for security teams, is that more than 60% of respondents say they don’t have or don’t know if they have documented and tested incident report plans to help them deal with breaches effectively.
Cyber risk management is a people issue
The cybersecurity field has been wrestling with skills shortages for years, and the toll of that perennial problem shows up in this year’s Defenders survey as well. Nearly 20% of respondents say gaps in skills and training are their top challenge. Many also worry their teams are too small, with burnout a looming threat.
This confluence of human factors has sparked fears that detections could be missed, especially since 30% of organizations also struggle with process optimization, and sizable numbers report challenges with automation, prioritization, and alert fatigue.
Respondents are taking a two-pronged approach to deal with these issues, with a quarter saying they’re investing in training and the same proportion also saying they’re spending on AI-enabled tools to bridge the talent gaps. A good number also report using consultants and outsourced services to augment in-house capacity, including incident response, managed detection and response (MDR), SOC as a service, and managed security services.
A third finding this year is that even with persistent skills shortages and cybersecurity team strain, more than 10% of organizations have no defined plans to address the issues. As threats evolve and intensify, the resulting cracks in their security posture will only continue to grow.
What’s needed to advance cyber risk management?
In this blog, we’ve sketched out the lay of the land—the context global cybersecurity professionals are operating within. So, what are they doing about it, and how are organizations seeking to mature their approach to cyber risk management? We’ll explore those questions in our upcoming blogs. For the full story, download the complete Trend Micro Defenders Survey Report 2025 here.