The average organization used 27 distinct AI tools in Q3 2025, down from 23 new tools introduced in Q2 2025.

65% of CISOs manage 20 or more security tools.

57% of CISOs report that half or fewer of their security tools deliver measurable Return on Investment (ROI).

13% of CISOs oversee 50 or more security tools.

91% of global organizations plan to implement AI in their tech stack this year, representing a 12-percentage-point increase from the previous year.

58% of CISOs say incidents occurred even though their security tools were in place.

56% of CISOs say their security tools don’t integrate fully.

47% of security and IT professionals learn of misdirected emails from recipients rather than from security tools.

49% say tool complexity is the biggest barrier to maturing their insider risk program.

40% of Managed Service Providers (MSPs) say operational complexity and lack of integrated tooling are their biggest operational barriers in Microsoft 365 management.

16.6% of Managed Service Providers (MSPs) identified a lack of tools as a barrier to fully implementing Microsoft 365 baselines.

42% of companies are making greater investment in technology tools.

11% of respondents pointed to tooling/solutions gaps as the primary barrier to implementing a strong API security program.

74% of education institutions allow AI tools with guidelines for faculty and staff.

49% of students use AI for language assistance.

74% of US-based IT and security professionals said their data recovery tools are too complex to be used without security expertise, which adds to their workplace stress.

60% of students use AI for brainstorming.

78% of defense contractors lack patch management solutions.

67% of US-based IT and security professionals indicated that using technology independently tested by credible third parties for security and reliability would enhance IT teams’ productivity and confidence in cyberattack recovery

17% of education institutions approve AI tools without guidelines for faculty and staff.