Although 80 per cent of Canadian businesses have experienced AI-related cybersecurity incidents over the past year, only three per cent are fully prepared to defend against these rapidly evolving threats, according to Cisco’s 2025 Cybersecurity Readiness Index, published last week.
As pressure mounts to adopt AI, critical knowledge gaps are emerging inside organizations, leaving them exposed to AI-fuelled threats, Cisco says in a press release highlighting the report’s findings.
Only 41 per cent of Canadian organizations report their employees fully understand the AI-driven threats they face, and 56 per cent say they are struggling to fill cybersecurity roles, up from 35 per cent last year, according to Cisco’s report. In addition, only 26 per cent of organizations feel equipped to conduct comprehensive AI security assessments, the report says.
While AI becomes increasingly central to Canadian businesses, Cisco found many organizations lack control over their AI models — 53 per cent do not have mature controls over the data used to train these models, leaving them vulnerable to AI-enhanced social engineering and data poisoning.
Furthermore, given today’s hybrid work environments, networks face critical vulnerability, Cisco says, with 74 per cent of organizations reporting their employees access company systems from unmanaged devices, creating perfect entry points for AI-enhanced attacks.
“AI has pulled back the curtain on cybersecurity blind spots that many Canadian organizations didn’t realize existed,” said Robert Barton, chief technology officer of Cisco Canada, in the company’s press release. “As AI-driven threats evolve, so too must our defenses. It’s no longer about keeping pace, it’s about setting the pace for security resilience.”
