AI in Cybersecurity Statistics 2026

Artificial intelligence has moved to both sides of the cybersecurity front line at the same time. Attackers now use large language models to write phishing, clone voices, and in at least one documented case orchestrate an espionage campaign almost end to end. Defenders use the same technology to cut breach detection times to a nine-year low and save close to $2 million per incident. This page compiles more than 80 concrete, sourced statistics on where that contest stood in 2026, drawn from IBM, the World Economic Forum, CrowdStrike, Microsoft, Gartner, ENISA, the FBI and other primary sources. Where useful, it combines those figures into original metrics you will not find in any single report.

AI-powered cyberattacks: the 2026 threat landscape

By 2026, AI had stopped being a future cyber risk and become the defining one. In the World Economic Forum's Global Cybersecurity Outlook 2026, surveying 804 leaders across 92 countries, AI was the runaway answer to nearly every question about what is changing fastest. The numbers from threat-intelligence vendors back that perception up: AI-assisted operations are growing far faster than security budgets, and the time defenders have to react is collapsing.

Two trends sit underneath those headline numbers. The first is volume: generative AI lowers the cost of producing convincing lures, working malware scaffolding and reconnaissance, so the same threat actor can run more campaigns against more targets. The second is speed. CrowdStrike measured the average time between an intruder gaining access and moving laterally inside a network, known as breakout time, at 29 minutes in 2025, with the single fastest case clocking 27 seconds. Mandiant put the median time from compromise to handing the access to a second criminal group at 22 seconds.

• AI-enabled adversary activity rose 89% year over year in 2025, the steepest annual increase CrowdStrike has recorded since it began tracking machine-assisted operations (CrowdStrike Global Threat Report, 2026).
• The window to respond is shrinking: average eCrime breakout time fell to 29 minutes in 2025, 65% faster than the year before, and Mandiant clocked a median attacker handoff of just 22 seconds (CrowdStrike 2026; Mandiant M-Trends 2026).
• Exploitation now outruns patching, with Mandiant reporting a mean time-to-exploit that has effectively gone negative, meaning vulnerabilities are weaponized before a fix is even available (Mandiant M-Trends 2026).
• Almost nine in ten leaders flagged AI-related vulnerabilities as the fastest-growing category of cyber risk through 2025, yet only 64% of organizations have a process to vet the security of the AI tools they adopt, up from 37% a year earlier (WEF Global Cybersecurity Outlook 2026).
• Regulators expect the trend to intensify: Gartner forecasts that 17% of all cyberattacks and data leaks will involve generative AI by 2027, and that 40% of AI-related breaches will stem from cross-border misuse of the technology (Gartner, 2024-2025).

There is an important counterweight to the alarm. Several primary datasets show that, so far, attackers mostly bolt AI onto existing playbooks rather than gain entirely new capabilities. Sophos found exactly one verified case of attacker generative-AI use, a deepfake, across 661 incidents in its 2024-2025 dataset. Picus Labs analyzed more than one million malicious files in 2025 and found no evidence that AI-generated malware had become common, while Google's threat-intelligence team concluded that state actors using its models gained "no breakthrough capabilities." Read together, these sources suggest AI is currently a force multiplier rather than a step change for offense, which is exactly the moment defenders should use to get ahead.

Sources: World Economic Forum Global Cybersecurity Outlook 2026; CrowdStrike 2026 Global Threat Report; Mandiant (Google Cloud) M-Trends 2026; IBM Cost of a Data Breach Report 2025; Gartner press releases (2024-2025); Sophos Active Adversary Report 2026; Picus Security Red Report 2026; Google Threat Intelligence Group AI Threat Tracker.

Deepfake fraud and AI-generated phishing statistics

If one category captures how AI changed everyday crime, it is synthetic media. Voice clones now need only a few seconds of audio, face swaps can pass some liveness checks, and phishing text written by a model reads as cleanly as anything a human could produce. The growth rates are extraordinary, and unlike speculative malware risk, the losses are already landing on balance sheets.

Identity-verification networks see the trend earliest because they sit at the point of attack. Pindrop, which screens more than a billion calls, recorded a 1,300% jump in deepfake fraud attempts during 2024, moving from roughly one a month to about seven a day, and logged a 149% rise in synthetic-voice fraud at banks and a 475% rise at insurers. Entrust reported a deepfake striking a digital identity check once every five minutes, alongside a 244% surge in forged documents. These are not projections; they are counts from production fraud-detection systems.

• Deepfake fraud rose 700% globally between the first quarters of 2024 and 2025 across all industries, according to verification data from Sumsub (Identity Fraud Report 2025-2026).
• Voice cloning has become a finance-grade weapon: Pindrop logged a 1,300% rise in deepfake attempts in 2024 and put AI behind 42.5% of all fraud attempts on its network, with nearly one in three judged successful (Pindrop Voice Intelligence and Security Report, 2025).
• AI-written phishing now dominates the channel, with ENISA estimating that more than 80% of phishing emails observed between September 2024 and February 2025 used AI to some degree, and Microsoft measuring AI-driven phishing as roughly three times more effective than traditional campaigns (ENISA Threat Landscape 2025; Microsoft Digital Defense Report 2025).
• Controlled research confirms the effectiveness, with a Harvard and academic team led by Heiding and Schneier finding fully automated GPT-4 phishing achieved click rates of 30% to 44%, beating generic control emails at 19% to 28% (arXiv 2308.12287 / IEEE Access, 2024).
• Business email compromise remains the costliest lure, draining $2.77 billion from US victims in 2024 out of $16.6 billion in total reported internet-crime losses, a 33% annual increase (FBI IC3 2024 Internet Crime Report).

One original way to size the problem: AI-generated phishing is both more common and more effective. Combining ENISA's finding that over 80% of phishing now uses AI with Microsoft's measurement that AI phishing converts about three times better, the majority of the phishing reaching inboxes in 2026 is not only machine-written but materially harder to resist than the clumsy lures users were trained to spot a few years ago (TheAIDaily based on ENISA 2025 and Microsoft 2025).

Sources: Sumsub Identity Fraud Report 2025-2026; Pindrop 2025 Voice Intelligence and Security Report; Entrust/Onfido 2025 Identity Fraud Report; Deloitte Center for Financial Services (2024); ENISA Threat Landscape 2025; Microsoft Digital Defense Report 2025; Heiding, Schneier et al. (arXiv 2308.12287, 2024); FBI IC3 2024 Internet Crime Report; TransUnion (2025).

AI in cyber defense: security operations and detection

Defenders are not standing still. AI now sits inside most security stacks, and the productivity evidence is unusually solid because some of it comes from randomized controlled trials rather than vendor marketing. The headline benefit is speed: AI triages alerts, drafts investigations and summarizes incidents far faster than analysts working alone, which directly lowers the cost and damage of a breach.

Adoption is broad but uneven. Darktrace found AI tools in 77% of security stacks, while IBM reported that only about a third of organizations use AI and automation extensively across their operations, leaving two-thirds yet to capture the full benefit. The productivity numbers explain why the laggards are leaving money on the table: in Microsoft's randomized trials, security professionals using Copilot for Security finished tasks 22% faster and 7% more accurately, and newer analysts improved accuracy by 44%.

• AI is now standard equipment, appearing in 77% of security stacks, with a further 64% of organizations planning to add AI-powered tools within a year (Darktrace State of AI Cybersecurity 2025).
• Randomized trials show real gains, as Microsoft's controlled studies found IT and security staff completing tasks roughly 22% to 30% faster with measurable accuracy improvements when using an AI security copilot (Microsoft RCTs, 2024; arXiv 2411.01067).
• Agentic triage is reaching production, with CrowdStrike reporting its Charlotte AI matches expert analyst decisions at over 98% accuracy and removes more than 40 hours of manual triage work per week, though these are vendor internal benchmarks (CrowdStrike, 2025-2026).
• Most teams already see results: 70% of organizations actively using AI security tools report positive outcomes, and only 2% saw no measurable improvement (ISC2 AI Pulse Survey, 2025).
• Trust lags adoption sharply, with just 11% of teams fully trusting AI for mission-critical security work and 61% saying they only "somewhat" trust it, a caution that keeps a human in the loop (Splunk/Cisco State of Security 2025).

That gap between belief and trust is the most telling defensive metric of the year. Set the 96% of CISOs who say AI improves their security against the 11% who would let it run critical tasks unsupervised, and you get an 85-point confidence gap (TheAIDaily based on Darktrace 2025 and Splunk/Cisco 2025). It explains why 2026 was the year of the AI copilot rather than the autonomous SOC: organizations want the speed, but insist on keeping a person accountable for the call.

Sources: Darktrace State of AI Cybersecurity 2025; IBM Cost of a Data Breach Report 2025; Microsoft Security Copilot randomized controlled trials (2024, arXiv 2411.01067); CrowdStrike (2025-2026); ISC2 AI Pulse Survey 2025; Splunk/Cisco State of Security 2025; SANS 2025 SOC Survey.

How AI changes the cost of a data breach

The clearest dollar argument for defensive AI is IBM's Cost of a Data Breach Report 2025, built on 600 breached organizations and more than 3,470 interviews. For the first time in five years, the global average breach cost fell, dropping 9% to $4.44 million, and IBM attributed the decline largely to faster AI-assisted detection and containment. Speed, in other words, became measurable savings.

The cost gap between AI-enabled and AI-absent defenders is now substantial. Organizations using AI and automation extensively spent about $3.62 million per breach, against $5.52 million for those that did not, a difference of $1.9 million. Expressed another way, extensive security AI cut the per-breach cost by roughly 34% (IBM 2025). The same organizations resolved incidents 80 days faster, and the global mean time to identify and contain a breach fell to 241 days, the lowest in nine years.

Ransomware remains the most disruptive breach type, but the economics shifted in defenders' favor. Verizon found ransomware in 44% of breaches, up sharply year over year, yet Sophos reported that the median ransom paid fell to roughly $1 million, recovery costs dropped 44% to $1.53 million, and a record 64% of victims refused to pay at all. The fall in payments reflects better backups, faster detection and a hardening corporate stance, not a retreat by attackers.

• Ransomware appeared in 44% of breaches in 2025, rising to 88% of breaches at small and mid-sized businesses, where it is the dominant threat (Verizon 2025 Data Breach Investigations Report).
• Victims are paying less and refusing more often, with the median ransom down about 50% to roughly $1 million, mean recovery costs down 44% to $1.53 million, and 64% of victims declining to pay (Sophos State of Ransomware 2025; Verizon 2025).
• Reported cybercrime crossed a grim threshold, as the FBI's IC3 logged $20.9 billion in losses in 2025 and, for the first time, more than one million complaints (FBI IC3 2025 Internet Crime Report).
• AI-enabled crime got its own line item, with the FBI attributing $893 million in 2025 losses to AI-enabled schemes across 22,364 complaints, about 4% of all reported losses in the report's first dedicated AI section (FBI IC3 2025).
• Faster is cheaper: breaches contained in under 200 days cost about $3.87 million versus $5.01 million for slower ones, a $1.14 million premium for letting an incident run (IBM 2025).

Sources: IBM Cost of a Data Breach Report 2025; Verizon 2025 Data Breach Investigations Report; Sophos The State of Ransomware 2025; FBI IC3 2025 Internet Crime Report; Chainalysis 2026 Crypto Crime Report.

Shadow AI and the enterprise attack surface

The flip side of adopting AI is that AI itself becomes something to defend. In 2025 a new category entered the breach statistics: "shadow AI," meaning models, copilots and chatbots used at work without security oversight. IBM's data shows it is already expensive, and the governance gap behind it is wide enough to drive a truck through.

The pattern IBM documents is consistent: organizations are deploying AI faster than they are securing it. One in five breaches involved shadow AI, those breaches cost $670,000 more than average, and 63% of breached organizations had no AI governance policy at all. Among organizations that suffered a breach of their own AI models or applications, 97% lacked proper AI access controls, a near-universal failure that turns every new copilot into a potential door.

• Shadow AI is now a measurable cost center, implicated in 20% of breaches and adding $670,000 to the average bill, with 65% of shadow-AI breaches exposing customer personal data versus 53% across all breaches (IBM 2025).
• Governance has not kept pace with adoption, as 63% of breached organizations had no AI governance policy and 13% reported a breach of their own AI models or applications (IBM 2025).
• Employees are racing ahead of IT, with survey data indicating 56% of workers use unsanctioned AI tools against only 23% using officially governed ones (shadow-AI surveys, 2025).
• AI applications test badly under attack, with Cobalt finding 32% of large language model pentest findings were serious vulnerabilities, the highest rate of any asset type, while only 21% of those serious flaws were ever remediated (Cobalt State of LLM Security 2025).
• Prompt injection is the defining new weakness, ranked the number-one risk in the OWASP Top 10 for LLM Applications and accounting for 37.6% of AI pentest findings (OWASP 2025; Cobalt 2025).

Here is the uncomfortable arithmetic. Gartner estimates that of the AI security market, only about 5.5% is spent on securing AI itself, the rest going to using AI to defend other things. Yet 13% of organizations have already had their own AI breached and 97% of those lacked basic controls. Spending on protecting models is running far behind the rate at which those models are being attacked (TheAIDaily based on Gartner 2025 and IBM 2025).

Sources: IBM Cost of a Data Breach Report 2025; Cobalt State of LLM Security Report 2025; OWASP Top 10 for LLM Applications 2025; Gartner AI spending forecast (2025); shadow-AI workforce surveys (2025).

AI cybersecurity market size and investment

Projected US generative-AI fraud losses of 40 billion dollars by 2027 (Deloitte) already exceed the entire global market for AI cybersecurity defense, which our six-analyst compilation puts at 25 to 31 billion dollars in 2025. On top of US losses, the European Economic Area logged 4.2 billion euros in payment fraud in 2024 alone (EBA/ECB, via our AI-in-finance data). The money lost to AI-enabled fraud is outrunning the money spent to stop it.

Money is following the threat. Overall security spending kept climbing, AI became the dominant growth narrative inside it, and venture capital poured into startups that either use AI to defend or defend AI itself. Market-size estimates vary widely because analysts define the category differently, so the honest approach is to present the range rather than a single false-precision number.

Across six independent analyst estimates, the AI-in-cybersecurity market sits at roughly $25 billion to $31 billion in 2024-2026 and is projected to reach $50 billion to $94 billion by 2030-2031, implying a compiled annual growth range of about 15% to 25% (TheAIDaily based on Grand View Research, Mordor Intelligence, MarketsandMarkets and Research and Markets). The spread is wide because "AI in cybersecurity," "generative AI cybersecurity" and "AI security platforms" are different things, so the table below keeps each estimate in its own scope rather than averaging them into a misleading single figure.

• Overall security spending keeps rising, with Gartner putting worldwide information-security spend at $213 billion in 2025 and forecasting $244.2 billion in 2026, up 13.3%, with AI named a key accelerant (Gartner, 2025).
• Venture funding for AI security nearly tripled, climbing from $2.16 billion in 2024 to $6.34 billion in 2025, with average deal size rising from $34 million to $54 million (Crunchbase, 2025).
• The category produced landmark exits, led by Google's $32 billion acquisition of Wiz, the largest deal in Google's history, after Wiz crossed $1 billion in annual recurring revenue (TechCrunch, 2026).
• AI-native security firms commanded premium valuations, including Cyera reaching a $12 billion valuation, Snyk at $8.5 billion and Abnormal at $5.1 billion (company announcements, 2024-2026).
• Defense outspends protection by a wide margin, as Gartner estimates enterprises spend roughly 17 times more using AI to defend than securing the AI they deploy, leaving model security underfunded (Gartner, 2025).

Sources: Gartner information-security spending forecasts (2025); IDC Worldwide Security Spending Guide (2025-2026); Grand View Research; Mordor Intelligence; MarketsandMarkets; Crunchbase cybersecurity funding analysis (2025-2026); TechCrunch; company press releases.

AI governance, regulation and national security

As capability climbed, so did the rulebook and the politics around it. Europe's AI Act set hard penalties, security researchers showed that even frontier models can be jailbroken, and in June 2026 the question of who may use the most capable models became a national-security flashpoint. Governance moved from a compliance footnote to a board-level cybersecurity issue.

The EU AI Act is the most consequential framework. Its penalties run up to €35 million or 7% of global turnover for prohibited practices, with lower tiers of €15 million or 3% for high-risk non-compliance. Its general-purpose AI obligations took effect on 2 August 2025, while the high-risk deadlines were deferred under the Digital Omnibus agreed in May 2026, moving the main standalone high-risk date from August 2026 to 2 December 2027. Security teams are increasingly the ones implementing it: 47% now help develop AI governance, up from 35% a year earlier.

• Frontier models remain jailbreakable, with the UK AI Security Institute reporting universal jailbreaks in every system it tested across more than 30 frontier models since late 2023, even as safeguards improve (UK AISI Frontier AI Trends Report, 2025).
• AI cyber capability is climbing fast, with models now able to complete about 50% of apprentice-level cyber tasks such as finding code vulnerabilities, up from roughly 10% in early 2024, and task length doubling about every eight months (UK AISI, 2025).
• Governed organizations fare better, as Gartner found firms using AI governance platforms were 3.4 times more likely to achieve high governance effectiveness, while 62% cited security and risk as the main blocker to scaling agentic AI (Gartner 2025; Stanford HAI 2026).
• Policy adoption is widening, with Stanford HAI reporting that only 11% of organizations now lack any responsible-AI policy, down from 24% in 2024 (Stanford HAI AI Index, 2025).
• Recorded AI incidents keep rising, reaching 233 in 2024, up 56% year over year, and climbing further to 362 in 2025 (Stanford HAI AI Index, 2025-2026).

Sources: EU AI Act (Article 99 and phased implementation); European Commission Digital Omnibus (2026); UK AI Security Institute Frontier AI Trends Report 2025; OWASP Top 10 for LLM Applications 2025; Stanford HAI AI Index 2025-2026; Gartner (2025); Anthropic and news coverage of the Fable 5 / Mythos 5 directive (June 2026).

The AI cybersecurity skills gap and workforce

None of this defense happens without people, and there are not enough of them. The cybersecurity workforce gap remains enormous, AI skills are the hardest to find, and burnout is pushing experienced staff toward the exits. AI is emerging as both a cause of new skill demands and a partial cure for the shortage.

ISC2 puts the global workforce gap at 4.8 million unfilled roles, its most recent estimate and a record, while 59% of professionals report critical or significant skills gaps, up from 44% the year before. The single most-cited gap is AI and machine learning at 41%, ahead of cloud security and risk assessment. At the same time, ISACA found 55% of teams understaffed and 65% with unfilled positions, and Splunk reported 52% of practitioners so stressed they are considering leaving the field altogether.

• The talent shortage is structural, with ISC2's most recent estimate of 4.8 million unfilled roles standing as a record, and 95% of professionals reporting at least one skills need (ISC2 Cybersecurity Workforce Study, 2025).
• AI is the scarcest skill of all, named the top gap by 41% of security professionals, which is precisely the capability now most in demand to counter AI-enabled threats (ISC2, 2025).
• Practitioners see augmentation, not replacement, with 73% believing AI will create more specialized cyber roles and 72% expecting it to demand more strategic thinking rather than cut headcount (ISC2, 2025).
• AI is filling the staffing breach, as 59% of teams report boosting SOC efficiency with AI and one in three plan to use AI and automation specifically to close skills gaps (Splunk/Cisco State of Security 2025).
• Gartner expects deep automation by 2028, projecting AI will handle more than half of Tier-1 SOC analyst tasks and that over 75% of enterprises will use AI-amplified security products, up from under 25% in 2025 (Gartner, 2025-2026).

Combine those figures and the workforce story becomes a single argument: with 4.8 million roles open, 55% of teams understaffed and burnout pushing half of practitioners toward the door, AI is shifting from a nice-to-have to the only realistic way to keep coverage. The 59% already reporting efficiency gains and Gartner's forecast of majority Tier-1 automation by 2028 point to AI absorbing the routine load so scarce humans can focus on judgment (TheAIDaily based on ISC2, ISACA, Splunk and Gartner, 2025-2026).

Sources: ISC2 2025 Cybersecurity Workforce Study; ISACA State of Cybersecurity 2025; Splunk/Cisco State of Security 2025; Bitsight State of Cybersecurity Burnout 2025; Gartner (2025-2026).

AI cybersecurity by region and sector

The AI security contest does not play out evenly. North America dominates spending, Asia-Pacific is growing fastest, and developing economies face the sharpest skills shortages. By sector, public administration and finance absorb the most targeting, while finance also leads in deploying AI defenses.

North America holds roughly 37% to 38% of the global AI-in-cybersecurity market, the largest regional share, with Asia-Pacific the fastest-growing region and Europe around a fifth. Because these splits come from commercial market-research firms and the definitions differ, treat them as indicative ranges rather than precise figures.

• Spending is concentrated: North America and Asia-Pacific together account for roughly two-thirds of the AI cybersecurity market, leaving Europe, the Middle East and Africa to share the rest (TheAIDaily based on Grand View Research and Global Growth Insights, 2025).
• The skills gap is worst where budgets are thinnest, with the WEF finding 65% of organizations in Latin America and the Caribbean and 63% in sub-Saharan Africa citing a cyber skills shortage as their most acute constraint (WEF Global Cybersecurity Outlook 2026).
• Public bodies are the prime target in Europe, absorbing 38.2% of recorded attacks across 4,875 incidents, far ahead of transport at 7.5% and finance at 4.5% (ENISA Threat Landscape 2025).
• Finance leads on AI defense, with about 91% of US banks deploying AI for fraud detection and 68% of financial-services professionals saying AI helps fill skills gaps (industry and KPMG data, 2025).
• Boards have internalized the risk, as 60% of business and technology leaders rank cyber among their top three strategic priorities and name AI their number-one cyber budget item at 36% (PwC 2026 Global Digital Trust Insights).

Consumers feel the shift too. Mastercard found 53.9% of consumers believe AI could increase their fraud risk and 73.9% expect strong security safeguards on every transaction, while only 11% of organizations fully trust AI for mission-critical tasks. The through-line across regions and sectors is the same tension seen everywhere on this page: enthusiasm for what AI can do, tempered by hard limits on how far anyone will trust it unsupervised.

Sources: Grand View Research and Global Growth Insights (2025); WEF Global Cybersecurity Outlook 2026; ENISA Threat Landscape 2025; CrowdStrike Global Threat Report; PwC 2026 Global Digital Trust Insights; Mastercard 2025 Consumer Cybersecurity Survey; KPMG (2025).

Key takeaways

• AI is the defining cyber variable of 2026. 94% of security leaders call it the biggest driver of change, and it now shapes both the attack and the defense.
• Defense is winning on economics, for now. Security AI cut the average breach cost by about 34%, saving $1.9 million and 80 days per incident and helping push the global average down 9% to $4.44 million.
• Synthetic-media fraud is the clearest present danger. Deepfake fraud rose 700% in a year, AI writes more than 80% of phishing, and US genAI fraud losses are projected to hit $40 billion by 2027.
• Agentic attacks are rare but real. AI ran 80% to 90% of a documented espionage campaign, yet Sophos verified only one attacker AI case in 661 incidents, so the threat is emerging rather than ubiquitous.
• Securing AI lags using AI badly. Just 5.5% of AI security spend protects AI itself, even though 13% of organizations have already been breached through their own models and 97% of those lacked basic controls.
• Trust is the bottleneck. 96% of CISOs say AI improves their security but only 11% fully trust it for critical tasks, an 85-point gap that keeps humans in the loop.
• People remain the scarcest resource. With 4.8 million roles unfilled and AI/ML the top skills gap, AI is shifting from optional to the only realistic way to keep coverage.
• Model security is now geopolitics. The June 2026 US order disabling Anthropic's Fable 5 and Mythos 5 shows frontier-model capability and national security have fused into a single cybersecurity question.