- 72% of respondents in India are investing in AI-specific security tools with either new or existing budgets.
- In India, 68% of respondents identify future encryption compromise as one of the major concerns among quantum computing security threats.
- Globally, malware remains the top attack type since 2021; phishing rises to second, and ransomware drops to third.
Thales today announced the release of the 2025 Thales Data Threat Report, its annual report on the latest data security threats, trends, and emerging topics based on a survey conducted by S&P Global Market Intelligence 451 Research of more than 3,100 IT and security professionals in 20 countries across 15 industries. This year’s report found that nearly 70% of organisations in India view the fast-moving ecosystem as the most concerning GenAI security risk, followed by lack of integrity (66%) and trustworthiness (55%).
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250520591143/en/
©Thales
The 2025 Thales Data Threat Report results reveal a major focus on the transformative impact of AI, especially GenAI, which relies heavily on high-quality, sensitive data for functions like training, inference, and content generation. As agentic AI emerges, ensuring data quality becomes even more critical for enabling sound decision-making and actions by AI systems. Many organisations across the world are already adopting GenAI, with a third of respondents indicating it is either being integrated or is actively transforming their operations.
Organisations Embrace GenAI, Taking on Greater Security Risks Amid Rapid Adoption
As GenAI introduces complex data security challenges and offers strategic opportunities to strengthen defences, its growing integration marks a shift among organisations from experimentation to more mature, operational deployment. While most respondents said rapid adoption of GenAI is their top security concern, respondents in the more advanced stages of AI adoption aren’t waiting to fully secure their systems or optimise their tech stacks before forging ahead. Because the drive to achieve rapid transformation often outweighs efforts to strengthen organisational readiness, these organisations may be inadvertently creating their own biggest security vulnerabilities.
“The fast-evolving GenAI landscape is pressuring enterprises to move quickly, sometimes at the cost of caution, as they race to stay ahead of the adoption curve,” Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research, said. “Many enterprises are deploying GenAI faster than they can fully understand their application architectures, compounded by the rapid spread of SaaS tools embedding GenAI capabilities, adding layers of complexity and risk.”
In India, 72% of respondents report investing in GenAI-specific security tools, with 16% using newly allocated budget. Globally, those prioritising AI security are diversifying their approaches: over two-thirds have acquired tools from their cloud providers, three in five are leveraging established security vendors, and nearly half are turning to new or emerging startups. Notably, security for generative AI has quickly risen as a top spending priority, securing the second spot in ranked-choice voting, just behind cloud security. This shift underscores the growing recognition of AI-driven risks and the need for specialised defences to mitigate them.
Data Breaches Show Modest Decline, Though Threats Remain Elevated
While data breaches remain a significant concern, their frequency has slightly decreased over the past few years. In 2021, 56% of surveyed enterprises across the world reported experiencing a breach, but that figure has dropped to 45% in 2025. Additionally, the percentage of respondents reporting a breach within the last 12 months has fallen from 23% in 2021 to just 14% in 2025. In India, 11% of respondents reported experiencing a data breach recently.
Globally, malware continues to lead as the most prevalent threat, maintaining its top position since 2021. Phishing climbed to second place, overtaking ransomware, which now ranks third. When it comes to the most concerning threat actors, external sources dominate—hacktivists hold the top spot, followed by nation-state actors. Human error, while still significant, has dropped to third, down one position from the previous year.
Vendors Pressed on Post-Quantum Readiness as Encryption Strategies Are Reassessed
The 2025 Thales Data Threat Report reveals that most organisations are increasingly concerned about quantum-related security risks. The top threat, cited by 68% of respondents in India, is future encryption compromise—the risk that quantum computers could eventually break current or future encryption algorithms, exposing data once considered secure. Close behind, 56% identified key distribution vulnerabilities, where quantum advancements could undermine the secure exchange of encryption keys. Additionally, 58% highlighted the “harvest now, decrypt later” (HNDL) threat, where encrypted data intercepted today could be decrypted in the future. In response, 55% of organisations in India are prototyping or evaluating post-quantum cryptography (PQC) solutions, and 49% are assessing their encryption strategies. Only 40% are placing their trust in telecom or cloud providers to manage the transition.
“The clock is ticking on post-quantum readiness. It’s encouraging that three out of five organisations are already prototyping new ciphers, but deployment timelines are tight and falling behind could leave critical data exposed,” Todd Moore, Global Vice President, Data Security Products at Thales, said. “Even with clear timelines for transitioning to PQC algorithms, the pace of encryption change has been slower than expected due to a mix of legacy systems, complexity, and the challenge of balancing innovation with security.”
While this year’s survey results indicate improvements in security posture, much more is needed to elevate operational data security to fully support the capabilities of emerging technologies such as GenAI and to pave the way for future innovations.
For more information please join our webinar hosted by Eric Hanselman, Chief Analyst at S&P Global 451 Research.
About Thales
Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion.
The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies.
Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion.
About Thales in India
Present in India since 1953, Thales is headquartered in Noida and has other operational offices and sites spread across Delhi, Gurugram, Bengaluru and Mumbai, among others. Over 2200 employees are working with Thales and its joint ventures in India. Since the beginning, Thales has been playing an essential role in India’s growth story by sharing its technologies and expertise in Defence, Aerospace and Cyber & Digital sectors. Thales has two engineering competence centres in India – one in Noida focused on Cyber & Digital business, while the one in Bengaluru focuses on hardware, software and systems engineering capabilities for both the civil and defence sectors, serving global needs. The Group has also established an MRO (Maintenance, Repair & Overhaul) facility in Gurugram to provide comprehensive avionics maintenance and repair services to Indian airlines and support the growth of the local aviation industry.
PLEASE VISIT
Cloud Protection & Licensing Solutions | Thales Group
Cybersecurity Solutions | Thales Group
View source version on businesswire.com: https://www.businesswire.com/news/home/20250520591143/en/
