54% of cyber leaders say budget constraints are a top challenge

Fortra has published its 2025 State of Cybersecurity survey, revealing insights into the biggest threats on cyber experts’ radars. More than 400 cybersecurity experts across industries were surveyed, including those from the United States, Canada, Europe, Asia, Latin America, the Middle East, the Caribbean, Australia, and New Zealand. 

Over the next six months, respondents predict the top cyber threats will be: 

• Phishing (81%)
• Ransomware and malware (76%)
• Unintentional data loss (63%)
• Social engineering (55%) 
• Third-party risks (52%)

Other threats were listed, such as zero-day attacks (50%), talent shortage (39%), evolving technology (35%), digital risk (32%), and business email compromise (BEC) attacks (19%). 

The survey also reveals the top five cybersecurity initiatives for the year. These include minimizing outsider threats like malware or phishing (74%), identifying and closing security gaps (73%), improving security culture (66%), boosting cloud security (63%), and improving compliance (62%). These top five initiatives are followed by enhancing security skills (58%), minimizing insider threats (44%), improving supply chain security (36%), and consolidating tools (25%). 

Respondents identified the top three obstacles to their initiatives, citing budget constraints (54%), the constant evolution of threats (45%), and inadequate security skills (45%).