According to Cisco’s 2025 Cybersecurity Readiness Index, only 1% of organisations in Hong Kong have achieved a mature level of cybersecurity readiness. This figure has not changed from last year, highlighting a concerning stagnation in preparedness amidst growing threats from cybercriminals and artificial intelligence (AI).
The report reveals that 96% of respondents expect business disruptions due to cyber incidents within the next 12 to 24 months. Despite this awareness, organisations continue to grapple with the complexities introduced by AI, with 92% reporting AI-related security incidents in the past year. However, only 36% of respondents feel confident that their employees fully understand these AI-related threats, exposing a critical gap in awareness and preparedness.
The cybersecurity landscape is increasingly challenging, with 56% of organisations experiencing cyberattacks last year. Many are hindered by complex security frameworks that rely on disparate point solutions. Respondents identified external threats, such as malicious actors and state-affiliated groups (54%), as more significant than internal threats (46%), emphasising the need for streamlined defence strategies.
Jeetu Patel, Cisco’s chief product officer, stated, “As AI transforms the enterprise, we are dealing with an entirely new class of risks. This year’s report reveals alarming gaps in security readiness and a lack of urgency to address them. Organisations must rethink their strategies now or risk becoming irrelevant in the AI era.”
The Index evaluates readiness across five pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification. It draws on responses from 8,000 security and business leaders across 30 global markets.
Key findings
- AI’s role in cybersecurity: A significant 90% of organisations use AI to enhance threat understanding, while 82% employ it for detection and 64% for response and recovery.
- GenAI deployment risks: While 64% of employees use approved third-party GenAI tools, 10% have unrestricted access to public GenAI, and 74% of IT teams are unaware of employee interactions with these tools.
- Shadow AI concerns: 81% of organisations lack confidence in detecting unregulated AI deployments, posing serious cybersecurity and data privacy risks.
- Vulnerability from unmanaged devices: 89% of organisations face increased security risks due to employees accessing networks from unmanaged devices.
The ongoing shortage of skilled cybersecurity professionals remains a significant challenge for 95% of organisations, with many reporting multiple unfilled positions. As threats evolve, the imperative for enhanced cybersecurity readiness in Hong Kong has never been clearer.
"AI plays a pivotal role in enhancing cybersecurity defenses by enabling faster threat detection and response. Organisations need to assess their current readiness, leverage AI-driven solutions, and take proactive steps to strengthen cyber resilience,” said Iris Feng, general manager of Cisco Hong Kong, Macau, and South China.