The VikingCloud 2025 Cyber Threat Landscape report shows that AI is intensifying cyberattacks while also reshaping defenses. AI-driven cyber threats like phishing, ransomware, and deepfakes are growing in speed and sophistication. At the same time, AI in cyber defense is helping companies automate detection, reduce alert fatigue, and strengthen resilience. With AI in cybersecurity emerging as both a risk and an opportunity, leaders must balance investments in technology, training, and trusted partners to stay secure in an evolving threat environment. 

AI in cybersecurity is no longer optional. It has become both a weapon for attackers and a shield for defenders. On one side, criminals are using AI-driven cyber threats like deepfakes, phishing, and ransomware-as-a-service to scale attacks faster than most organizations can respond. On the other side, businesses are investing in AI-powered cyber defense tools to automate detection, improve incident response, and build resilience. This duality defines the reality of cybersecurity in 2025. 

Key Takeaways

• AI in cybersecurity is both a major risk and a critical defense tool in 2025.
• AI-driven cyber threats such as phishing, ransomware, and deepfakes are growing in scale and sophistication.
• AI in cyber defense enables automation of detection, response, and patching, giving teams more time for strategic work.
• Human error remains a key weakness—training on agentic AI in cybersecurity and social engineering tactics is essential.
• Organizations are turning to MSSPs that integrate AI security automation and advanced AI in threat detection.
• Transparent reporting and building a security-first culture are as important as investing in tools.

Resilient companies combine AI security tools, skilled teams, and external partners to stay ahead of evolving AI cyberattacks.

Rising Tide of AI-Driven Cyber Threats

The report notes that 58% of organizations suspected AI was involved in cyberattacks over the past year. This signals a sharp escalation in how attackers are applying machine learning, natural language processing, and agentic AI in cybersecurity to create scalable attack methods. Unlike traditional malware that required manual coding, AI can now generate endless variations of phishing lures or malicious payloads that adapt in real time.

• AI phishing attacks are especially dangerous because they read like natural human communication. Leadership teams now rank them as the top concern (51%), more than double the rate of concern just a year ago.
• AI-driven ransomware campaigns, often delivered through ransomware-as-a-service, allow even low-skilled attackers to deploy advanced malware kits. These attacks have devastating financial consequences, with some companies losing over 5% of their revenue after a single breach.
• Deepfake cyberattacks further complicate trust. Whether it’s a CEO impersonation in a video call or a fake voice message authorizing payments, these incidents exploit the human layer of security that’s often the weakest.

In short, AI cyberattacks are multiplying attack surfaces and increasing the cost of failure. Traditional defenses like firewalls and antivirus software are no longer enough.

Nation-State Attacks Get Smarter with AI

Nation-state hackers have always been a concern because they are well-funded, persistent, and motivated by espionage or geopolitical influence. The VikingCloud report reveals that nearly 80% of leaders worry about being targeted directly or indirectly by such actors within the next 12 months.

The danger escalates when nation-state groups adopt AI in threat detection evasion. These attackers are not just exploiting zero-day vulnerabilities—they are using AI in cyberattacks to mask their movements, identify high-value targets faster, and pivot across global supply chains.

For example, AI-enhanced malware can remain dormant until it recognizes certain system conditions, reducing the chances of detection. Similarly, AI can help attackers sift through stolen data at scale, extracting sensitive intellectual property in hours instead of weeks. This combination of persistence and intelligence makes nation-state attacks uniquely destructive.

Underreporting and Leadership Blind Spots

One of the more alarming findings from the VikingCloud study is the culture of underreporting. 48% of leaders admitted to not disclosing major cybersecurity incidents to boards or executives. Some even hid five or more breaches within a year.

The reasons are telling:

• Fear of punitive reactions from leadership.
• Concerns about reputational or financial damage if news became public.
• Uncertainty about what qualifies as a “reportable” incident.

This lack of transparency leaves executives blind to the true scale of AI-driven cyber threats. Without accurate reporting, leadership may assume existing defenses are stronger than they really are. That false confidence can cause businesses to underinvest in AI security tools and training, leaving them more vulnerable to the next attack.

AI-Powered Cyber Defense: The Other Side of the Coin

While attackers use AI to innovate their methods, defenders are finding that AI in cyber defense is the only way to keep pace. According to VikingCloud, 96% of organizations now deploy AI to automate at least part of their security workflows.

Examples include:

• AI in incident response: Automating triage, containment, and mitigation steps to shrink the response window from days to hours.
• AI security automation: Using algorithms to patch vulnerabilities, enforce identity and access controls, and monitor endpoints at scale.
• AI in threat detection: Identifying unusual activity across billions of logs and alerts, something human analysts could never process alone.

These capabilities allow teams to redirect their energy toward higher-value work such as strategic risk assessments or advanced threat hunting. By integrating AI security tools, organizations can better match the speed and scale of modern attackers.

Building Human-Centered Defense with AI Support

Technology is only part of the solution. The report notes that 36% of breaches were caused by insiders, either through mistakes or malicious intent. This shows that people, not just machines, remain the frontline of defense.

Organizations are responding by investing in awareness and training, especially around agentic AI in cybersecurity risks. For example, employees are being taught how to identify AI phishing attacks, spot deepfake messages, and question suspicious voice or video communications.

Pairing AI-powered cyber defense with informed, alert employees creates a layered strategy. Even the most advanced AI security tools can be undone by a single careless click, which makes human vigilance irreplaceable.

Managed Security Services and the AI Skills Gap

The cybersecurity talent shortage is a growing crisis. About one-third of organizations reported lacking skilled professionals to manage advanced defenses. As AI cyberattacks evolve, the expertise required to defend against them also increases.

This is where managed security service providers (MSSPs) come in. The VikingCloud report shows that 66% of organizations now rely on MSSPs to augment their in-house teams. Leaders are prioritizing providers that offer:

• AI security automation to handle scale and complexity.
• AI in threat detection to catch subtle signals of attack.
• Consolidated platforms to reduce vendor overload and alert fatigue.

Outsourcing some or all defenses allows businesses to tap into expert-level resources without bearing the full cost of hiring internally. It’s a pragmatic solution to bridge the skills gap while still benefiting from advanced AI in cybersecurity capabilities.

AI in Cybersecurity: Opportunities for Resilience

The VikingCloud report outlines five strategic shifts that separate resilient companies from vulnerable ones. These serve as a blueprint for how to use AI in cybersecurity as both a shield and an opportunity:

1. Recognize how geopolitical events amplify AI-driven cyber threats.
2. Adopt advanced AI-powered cyber defense tools to stay competitive with modern attackers.
3. Encourage transparency in incident reporting to eliminate blind spots.
4. Automate repetitive work with AI security tools while reinvesting in upskilling employees.
5. Partner with MSSPs that bring expertise in AI in incident response and advanced monitoring.

Companies that make these moves are not just surviving the AI era—they’re leading in it.

Conclusion

The VikingCloud 2025 Cyber Threat Landscape report confirms what many experts already suspected: AI in cybersecurity is reshaping the battlefield. AI-driven cyber threats are more dangerous than ever, but AI-powered cyber defense is also helping organizations fight back. By investing in AI security tools, training employees, and working with trusted partners, businesses can turn the risks of AI cyberattacks into opportunities for stronger resilience. The question isn’t whether AI will play a role—it’s whether organizations will use it wisely enough to stay ahead.

FAQs

Q1. What are AI-driven cyber threats?
AI-driven cyber threats include phishing, ransomware, and deepfake attacks created or enhanced by artificial intelligence. They are faster, scalable, and more convincing than traditional cyber threats.

Q2. How does AI support cyber defense?
AI in cyber defense automates key processes like detection, triage, and patching. It reduces alert fatigue and shortens response times, giving security teams the bandwidth to focus on high-value work.

Q3. What role does agentic AI play in cybersecurity?
Agentic AI in cybersecurity refers to autonomous AI systems that can run attack or defense campaigns with minimal oversight. Attackers use it to scale phishing, while defenders use it to monitor networks continuously.

Q4. Why are AI phishing attacks so effective?
Because AI phishing attacks mimic natural language and context, they appear authentic. Employees often can’t distinguish them from genuine communication, making them more dangerous than older scams.

Q5. Should small businesses worry about AI cyberattacks?
Yes. The VikingCloud report notes that many small businesses could not survive losses from a single attack. AI in cybersecurity makes both threats and defenses scalable, which means SMBs must act with the same urgency as large enterprises.