According to Thales, AI and quantum threats have hit the top of the worry list of organizations working on data security. This is a key point from the cybersecurity giant’s 2025 data threat report. This is an annual deep dive into the latest data security threats, emerging trends and hot topics.
This year’s survey results are tough. Seven of the 10 organizations have confirmed that they have the number one security headache associated with adoption, especially when generative AI is involved. This anxiety isn’t just about pace. It is also fed by concerns over the fundamental lack of integrity of AI systems (flagrated by 64% of those surveyed) and a nasty deficit in reliability (57% worry).
Generation AI is a data-hungry beast, relying heavily on high quality and often sensitive information in core features such as training models, inference, and of course content generation.
As we progress rapidly with “agent AI” (a system that can act more autonomously), the pressure to ensure that data quality is high caliber becomes even more important. After all, healthy decisions and reliable actions from AI systems rely entirely on the data provided.
Many organizations have already jumped in, with a third showing that generative AI is actively integrated or already a force of transformation within the operation.
Security threats increase as organizations accept generated AI
Generated AI casts the complex web of data security challenges while simultaneously providing a strategic pathway to strengthen defenses, so its integration growth shows a clear shift. Companies don’t just soak their toes in AI water. They are now seeing more mature operational developments.
Interestingly, most respondents tabbed Genai’s rapid intake as their biggest security concern, but pressing the button that goes further along the AI adoption curve to completely lock down the system or tweak the tech stack before moving on. This dash for rapid change – often obscuring efforts to ensure organizational readiness – could mean that these companies are perhaps unconsciously creating their own most serious security weaknesses.
“We are pleased to announce that Eric Hanselman, chief analyst at S&P Global Market Intelligence 451 Research,” said:
“Many companies are deploying genai faster than they can fully understand the application architecture, exacerbated by the rapid spread of SaaS tools that embed genai capabilities, adding layers of complexity and risk.”
On a more positive note, 73% of respondents reported that they are putting their money into AI-specific security tools to combat threats through new budgets or by restructuring existing resources. People who make AI security a priority are also diversifying their approach. Over two-thirds of them source tools from cloud providers, three in five are looking to established security vendors, and almost half are looking for new or emerging startups with solutions.
What I’m talking about in particular is that Generated AI Security climbed the spending chart, earning a second spot in the vote of ranked choices, and was picked up on the posts by perennial concerns of cloud security. This shift strongly emphasizes the growing awareness of AI-driven risks and the urgent need for professional defense to counter them.
Data breaches show a modest decline, but the threat remains rising
While the data breaches’ nightmare is still looming large for many, the frequency of reported cases has actually become slightly pervasive over the past few years.
In 2021, 56% of the companies surveyed said they had experienced a violation at some point. That figure was eased to 45% in the 2025 report. Dive deeper, the percentage of respondents reporting violations within the last 12 months has dropped from 23% in 2021 to 14% more encouragement in 2025.
When it comes to the enduring villains of the threat landscape, malware continues to lead the pack and has held its top spot since 2021. Phishing cleverly took second place, keeping ransomware at third place.
The outside actors dominate who is causing the most concern. Hattivists are now considered a major threat, followed by national state actors. Human error remains an important factor, but it ranked first and third since the previous year.
The vendor forced the preparation for quantum threats
The 2025 Thales Data Threat Report sheds a clear light on the growing anxiety within most organizations about quantum-related security risks.
The biggest threat here is that 63% of respondents are large threats, and the looming danger of “compromising future encryption.” This is the unsettling prospect that a powerful quantum computer can one day shatter currents or future encryption algorithms, and expose data that was previously thought to be securely locked.
On the heel, 61% identified significant distribution vulnerabilities. Here, quantum breakthroughs can undermine the way they use to securely exchange encryption keys. Additionally, 58% emphasized the threat of “Harvest Now, Decrypt Later” (HNDL). This is a cold scenario in which the encrypted data that we scooped today may be deciphered by powerful quantum machines in the future.
In response to these collection clouds, half of the organizations surveyed are looking at current encryption strategies, where 60% are already prototyping or assessing 60% are evaluating Quantum (PQC) solutions. However, trust appears to be a rare item. Because only a third is pinning their hopes to navigate this complex migration to telecoms or cloud providers.
Todd Moore, global vice president of data security products at Thales, commented: “The clock is engraved in the preparations for the Quantum Post-Quantum. It is encouraged that three of the five organizations have already prototyped new encryption, but the deployment timeline may be tight and lagging.
“Even with a clear timeline for a move to PQC algorithms, the pace of encryption is slower than expected due to a mix of heritage systems, complexity and the challenge of balancing innovation and security.”
There is more work to truly speed up operational data security, not only to support the advanced capabilities of emerging technologies like generation AI, but also to lay a safe foundation for any threat to be round the corner.
(Image by Pete Linforth)
reference: AI tools speed up government feedback and experts caution
Want to learn more about cybersecurity and the cloud from industry leaders? Check out the Cybersecurity & Cloud Expo in Amsterdam, California and London. The comprehensive event will be held in collaboration with other major events, including Digital Transformation Week, IoT Tech Expo, Blockchain Expo, and AI & Big Data Expo.
Explore other upcoming enterprise technology events and webinars powered by TechForge here.