With AI being at the forefront of today’s cybersecurity, it is no longer just about firewalls and encryption. As artificial intelligence enters more industries, it also introduces new security threats, from sophisticated cyberattacks to data protection challenges.
According to The Global CTO Survey 2024/25, CTOs identify several key risks affecting the deployment of AI and security. One of the most pressing concerns is human error and social engineering, which remain the leading causes of security breaches. Phishing and social engineering attacks exploit human vulnerabilities, making employee training more critical than ever.
Application vulnerabilities and cloud security risks also pose significant threats. As more organizations move to the cloud, misconfigurations and weak access controls can create serious security gaps. Meanwhile, ransomware and insider threats are evolving, with malicious actors increasingly using AI to enhance their attacks. Insider fraud remains an under-the-radar risk that many organizations still struggle to address.
Another challenge is regulatory and compliance issues. As AI regulations continue to evolve, CTOs must ensure their organizations remain compliant with data privacy laws while maintaining operational efficiency.
One of the key findings of the survey is the growing reliance on third-party security providers. As cyber threats become more sophisticated, 56% of organizations are now turning to specialized cybersecurity providers. However, this trend raises key questions:
Many CTOs are adopting hybrid security models, combining internal security teams with external expertise to provide multi-layered defenses. This approach allows organizations to benefit from cutting-edge threat intelligence while maintaining control over sensitive data and systems.
“This year’s STX Next CTO Survey highlights key trends we observe with clients,” said Krzysztof Olejniczak, CISO at STX Next. “Most CTOs are outsourcing security, reflecting the need for specialized expertise amid growing threats. Many organizations reported no attacks in 2024, indicating effective border controls, but it’s worth exploring how attempted attacks are being mitigated. Streamlined processes and employee training are vital – technology has advanced, but people remain the weakest link. Phishing simulations, like those we’ve conducted internally, are invaluable for uncovering vulnerabilities.”
AI is not just a security risk; it’s a powerful defense mechanism. The report highlights how CTOs are leveraging AI-driven security tools to:
AI-powered monitoring systems can automate threat detection by analyzing vast amounts of data in real-time, identifying anomalies and potential security breaches before they escalate. Machine learning models are also being used to enhance fraud prevention, detecting unusual behavior patterns that could indicate insider threats or financial fraud. Additionally, AI-based cybersecurity solutions can predict and prevent attacks by analyzing historical data, allowing organizations to strengthen their defenses proactively.
The AI age demands a proactive, multi-layered security approach. Based on survey insights, here’s what tech leaders should focus on:
Continuous employee training is essential, as security is only as strong as its weakest link. Regular training on phishing, data handling, and security best practices can significantly reduce risks. Organizations should also adopt AI-driven security solutions to leverage real-time threat detection and predictive analytics, helping them stay ahead of cybercriminals.
For those considering outsourcing security, evaluating external partnerships carefully is crucial. Vendors should meet strict compliance and security standards to avoid introducing new risks. Additionally, staying informed about global AI and data protection regulations will help organizations avoid legal and financial repercussions.
“Looking ahead, AI will reshape security as criminals exploit AI tools for sophisticated attacks,” added Olejniczak. “Organizations must adopt AI-driven detection systems and prioritize continuous training to stay ahead of evolving threats. Technology is essential, but awareness and preparedness are equally critical.”
Want to learn more? Download the full Global CTO Survey 2024/25 AI Edition to explore in-depth insights and actionable recommendations.
Media Inquiries
If you want to feature STX Next in your publication, dont hesitate to reach out to us.
Our customers love to work with us
ul. Mostowa 38
61-854 Poznań
Poland
C.11 310 Col. Santa Gertrudis Copo
97305 Merida
Mexico
77 Farringdon Road EC1M 3JU
United Kingdom
c/o Rödl RAe, Taunus Tower, Mergenthalerallee 73-75,
65760 Eschborn
Germany
City Place 1401 Lake Plaza Dr, Ste. 200
Spring, TX 77389
United States
