Global survey reveals rising AI threats & costly API security gaps

A new report has highlighted significant gaps in the application security measures of organisations worldwide, with concern mounting over issues ranging from artificial intelligence-driven attacks to poorly documented application programming interfaces (APIs) and insufficient staff training.
The findings were published in Radware's 2025 Cyber Survey: Application Security at a Breaking Point. The report documents a variety of threat areas that are growing more prevalent as organisations' security defences fall behind accelerating risks, particularly those involving AI, APIs, and business logic attacks.
AI threats
According to the survey, the increasing use of AI by malicious actors is causing a spike in cybersecurity concerns. Many organisations are particularly worried about hackers using AI to develop and refine attack tools, generate higher volumes of cyberattack traffic, and produce new vectors for zero-day attacks.
The survey found 70% of respondents are highly or extremely concerned about hackers using AI to create or improve hacking tools. Similarly, 67% expressed strong concern about the potential for AI to generate a larger volume of attacks, and 66% feared the role of AI in launching new zero-day attack vectors.
Despite these concerns, there is little uptake of AI-based protection measures; only 8% of surveyed organisations reported using AI-driven security solutions. However, a significant shift in adoption is anticipated, with four out of five organisations planning to implement AI-based cybersecurity solutions within the next year. "The weaponisation of AI by malicious actors is intensifying cybersecurity threats and drawing even more attention to areas where companies are simply ill-protected," said Shira Sagiv, Radware's Vice President of Product Portfolio. "Internal alarms should be sounding. Companies openly admit to major concerns about gaps in cyber protection and lack of readiness, especially around web applications and APIs; yet their usage continues to climb creating even more risk and exposure."
API vulnerabilities
The survey also points to continued vulnerability in the management of APIs, which are increasingly in use by organisations but often ill-protected. Between 2023 and 2025, API usage has risen by 42%, with the frequency of daily API updates multiplying sixfold during the same period.
On average, organisations are integrating 19 third-party APIs per application, a practice that introduces new risks involving data exposure and potential compromise that are not easily solved at the coding stage.
Business logic attacks, a frequent variant of API attacks, were also noted as a mounting risk. While 81% of respondents said having real-time protection measures for business logic attacks is very or extremely important, only 50% had actually deployed runtime business logic protections. Furthermore, only 29% of security staff are fully trained to detect and manage these types of attacks.
Documentation and audit processes are also lagging. Only 6% of respondents have full documentation for all of their APIs, which poses an additional challenge for maintaining visibility and control. Additionally, half of those surveyed reported not knowing what third-party code is being used by their web applications, where sensitive data may be leaked to external services, or at what points malicious scripts and services are introduced into their systems.
Operational and compliance pressures
Other findings indicate growing concerns over resilience and regulatory compliance. Only 16% of respondents are confident in their protection against data breach attempts involving third-party code running on web applications. The commercial impact of attacks remains high, with downtime due to distributed denial of service (DDoS) attacks costing organisations an average of USD $6,100 per minute—equivalent to USD $366,000 per hour.
Compliance with numerous international regulations continues to place heavy demands on organisations. An average of 54% surveyed said they have high or extreme concern about compliance obligations spanning NIS2, HIPAA, SEC regulations, PCI DSS 4, GDPR, DORA, and SOX.
Survey methodology
The survey, conducted in partnership with Osterman Research, collected responses from a range of professionals including compliance, risk and data privacy officers, vice presidents of research and development, network security administrators, and API architects. Participants were drawn from nine countries located in North America, EMEA, APAC, and LATAM regions.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Otago Daily Times

4 hours ago

• Otago Daily Times

Gearing up for hoppy hours

Beercycles could soon be rolling through Queenstown. PHOTO: SUPPLIED A new type of booze cruise is being pitched for Queenstown. Hamilton-based company Beercycle Ltd has plans to launch in the CBD, using people power to move between various partner venues around the town centre. According to its resource consent application, which has been formally received by Queenstown's council, the beercycles can accommodate up to 15 people, including a host/driver, undertaking two-hour tours, with stops at three or four local venues. The company's been operating in Auckland, Christchurch and Hamilton for nine years without incident — it wants to expand into Queenstown, aligning with the resort's identity as "an adventurous, fun, visitor-driven destination". The bikes are fully pedal-powered, making them an environmentally friendly mode of tourism, while also supporting local hospo venues, the application says. Republic Hospitality Group, which owns 1876, Sundeck and Winnies, provided a letter of support for the application, stating Queenstown's known for its innovation and world-class hospitality, and Beercycle presents a chance to further enhance that. The tours, planned to operate daily between 11am and 9pm, would include onboard music, with a capped output of 60dB — the speed of the beercycle's comparable to a jogger or scooter. Any disturbance to residents is considered less than minor, while there's no conflict anticipated between Beercycle and pedestrians/cyclists, and any environmental or social effects are deemed less than minor and well managed through proposed conditions, the application says.

Otago Daily Times

4 hours ago

• Otago Daily Times

Power trust candidates sought

It is "not a job for the faint-hearted" but volunteers are needed to help keep the lights on across North Otago. The Waitaki Power Trust (WPT) elections are coming up and at least two new members will need to be elected to the consumer trust's five-person board. WPT holds all the shares in Oamaru-based lines company Network Waitaki Limited (NWL), on behalf of about 13,500 households and businesses connected to NWL's electricity distribution network. Long-serving trustee Herb Tonkin has been on the trust since retiring from work 23 years ago. "I was employed by the Waitaki Electric power board for 42 years and I thought it was over to me to give something back to the consumer." "It is the consumers' company — it belongs to every consumer." Fellow trustee John Clements agreed. "They are making a big song and dance about water, and how we're going to have three councils in charge of our water. "It's a very good parallel to draw with the network distribution company, which is ours." A big reason to vote in the election and stand for a seat on the trust was the annual consumer power rebate, which was only made possible through consumer ownership of the lines company, Mr Clements said. "Most consumers get about $79 which is a big help at Christmas time. "It's a rebate on the power, and appears as credit on the power account." Trustees serve a three-year term before becoming eligible to stand again for election or retire. Mr Tonkin and Mr Clements will retain their seats, while two trustees are stepping away and a third will stand for re-election. The WPT is administered by elected trustees and exists to provide oversight and represent the interests of consumers who are both owners and users of NWL's electricity distribution network. The trust monitors NWL's financial performance, ensuring profits are reasonable relative to asset value and capital works. It also undertakes an ownership review every 10 years. Mr Tonkin said being a trustee was an important job, requiring commitment, good knowledge of the trust deed, which established the trust legally, and the ability to foster good relations with NWL company directors. "A trustee is elected by consumers. "Their most important job is they interact with the directors of the company and approve any major transactions or new business undertaken by the company. "It's not a job for the faint-hearted. "The company is having to upgrade the electrical network and is spending a substantial amount to safeguard the continued supply of electricity in North Otago." The major project trustees provided oversight for at the moment is a $50million project to build a new grid exit point. Without it the region will run out of capacity to receive electricity from the national grid by 2027. "It's big biccies,"Mr Tonkin said. NWL chief executive Dylan Andrews said WPT trustees provided a crucial role in the annual setting and monitoring of the company's statement of corporate intent, as well as providing valuable customer insights. "There is an aligned commitment to ensure the company provides safe and reliable electricity service while investing in the network to meet future demands. "The WPT also provides valuable input into the company's annual pricing review. "Our relationship with the Waitaki Power Trust is positive and constructive, as demonstrated through joint activities such as the shared display at the annual North Otago A&P Show and the presentation of the Network Waitaki Sponsorship Awards, which celebrate and support local achievements. "The company is looking forward to working with current and future trustees who provide local insight from across our service areas." Nominations for candidates open on July 9 and close on July 30. Nomination forms are available on the Waitaki Power Trust website Postal voting ballots will be mailed to consumers on August 8 and voting closes on August 29.

Otago Daily Times

a day ago

• Otago Daily Times

Investment adviser aiding the community

She's a woman on a mission to help others, whether through her job as a financial adviser or via service organisation Rotary. Business editor Sally Rae talks to April Eden. Meet April Eden from Dunedin — and yes, that really is her tagline. The rhyme is on purpose and this powerhouse is hot on her own purpose, particularly helping women build confidence with money and take control of their financial futures and flying the flag for service organisation Rotary as a vehicle to do good in the world. English-born but Dunedin-proud, her road to becoming an investment adviser might not have taken a traditional trajectory but she was determined to show her daughters she could achieve something and make her mark on the world. It was when her first child was young that Mrs Eden, 33, decided she did not want to be "another statistic". Having quit secondary school at the beginning of year 12, she worked in hospitality. At 19, she became pregnant and, while "not quite a teen mum", she felt she was still not a full mum in the eyes of society. With creative flair, she had initially thought she would pursue something like graphic design but at 23 found her aptitude in accounting. When she decided to return to study, backed by her supportive partner, she did not want to commit herself, knowing that secondary school and herself did not agree with each other. So, she did a certificate of business administration at Otago Polytechnic and discovered it was very different from secondary school — "you're in charge of yourself". Having enjoyed that, she later completed a Bachelor of applied management, switching majors from marketing to accounting, at the polytechnic. Those early years were a whirlwind which included getting married, having a second child and buying and selling several houses. While studying, she was one of three New Zealand-based students selected to take part in a student workshop held as part of an entrepreneurs' summit in China in 2018, coincidentally all three coming from Otago Polytechnic. But then she could not find a job as an accountant, despite "interviews galore" all over the country. She specifically wanted to get into audit and risk, with a desire to know how businesses worked, but interviews would indirectly raise the matter of her having two children, questioning how she was going to manage the travel. Also, she was getting blank looks when she asked what the career path looked like for her three years down the track. After potentially uprooting her husband, children and life, she did not want to be uplifting them again in three years' time and she wanted to show loyalty to a company — somewhere she could "grow with them". It was when she got an interview for a private wealth assistant at Craigs Investment Partners that she was shown exactly what a 10-year career path looked like. She started there in 2018 and has worked her way up, next January marking four years as an adviser. Bubbly, colourful and a straight talker, Mrs Eden admitted she loved her job. "It sounds really corny, but no two days are the same, there's so much variety in a day." Ultimately, it was a job that was all about relationships and, with a love of people, that flowed through to her extracurricular passion which was Rotary. She did not want to be seen as "just another investment adviser". And when clients or potential clients searched her name, she did not want it to solely come up with her business profile. She wanted it to come up with all the things she was doing in the community that she was passionate about, so they could feel like they were getting to know her a little before they came to see her — "an ordinary person with a pretty cool job, that I actually do care — and I do". President of Rotary Dunedin Central and on the board of District 9999, the Rotary district which covered the South Island, she said it was unfortunate the organisation had the perception of an "old man's club". Her club was 50% female, and the average age was late 50s. "There is still such a need for Rotary, arguably now more than ever," she said. This year, a team from Ignite Consultants Otago, the student-led voluntary organisation which offered free consulting services to not-for-profit organisations, worked with Rotary Dunedin Central. The team was charged with helping make the club more accessible and appealing to young professionals and worked closely with Mrs Eden. With only one of the students knowing what Rotary was before the project, they looked at it from a "completely outside perspective" with no preconceived ideas. Being able to take their suggestions back to the club and further afield was a chance to say "this is literally what young people are saying". For the younger generation wanting to do good in the world, Rotary — which has a seat at the United Nations — could be the vehicle to allow them to do that, she said. Mrs Eden was on a mission to help bring Rotary into 2025 and beyond by breaking the stereotypes, modernising the message and ensuring the organisation continued to do good for decades to come. It was a fine line to tread as she did not want existing members, who had so much wisdom and connections, to be alienated. But she was adamant the only tradition that Rotary had was that it "does good in the community". The organisation had lots of different club structures and options. While there were still some clubs which met weekly, there were also online clubs which did their project planning online, and some clubs which dealt specifically with one cause. "It's just that balance between reminding our existing Rotarians why you joined in the first place — because you wanted to do good in the community — and then telling the next generation that 'hey, we're here and we'll help you do these good things that are important to you now'," she said. Personally, Rotary had given her purpose, friendships, professional and personal development and the chance to make a real impact. Her club was very open to change and trying new things. It had three or four key fundraising projects a year; it helped with the Dunedin Brick Show, featuring all things Lego, at the Edgar Centre and the money raised went to a youth-oriented charity — last year it was Rock Solid. It has the Rotary book sale next month and it also sells pea straw. It bought a commercial washing machine for the Night Shelter and has helped re-establish gardens and an orchard at Bradford School and has also helped the astronomical society. "We recognise that the little guy needs help too. Buying a new laptop for an organisation ... could be the difference between them paying rent on a building they're using for a month or two," she said. Mrs Eden said, when asked how she managed to balance everything, that she worked very hard and she had a fantastic support system with her husband. When it came to resilience in leadership, she was inspired by her elder daughter, who was one of two children who went missing after a bush walk in the Mavora Lakes area in Southland in July 2023. They were found by a search party the following morning. Her daughter came out of that experience braver and even went skydiving for her 13th birthday. Watching her navigate that experience, Mrs Eden said she could not "be the scared person". "Leadership is not about how to avoid the storms, it's how you navigate them and how you bring the others through with you," she said.