Radware Cyber Survey Uncovers Critical Weaknesses in Application Security Measures
Intent to use AI-based cyber security solutions
Distribution of API documentation Rates
Concerns and responses to business logic attacks
Only 8% of organizations use AI-based protection solutions
Just 6% of respondents have full documentation for all their APIs
Half of respondents don't know what third-party code is being used by their apps
Only 29% of security staff are fully trained to handle API business logic attacks
MAHWAH, N.J., June 12, 2025 (GLOBE NEWSWIRE) -- Radware® (NASDAQ: RDWR), a global leader in application security and delivery solutions for multi-cloud environments, today released its new report, 2025 Cyber Survey: Application Security at a Breaking Point. The survey reveals threat areas of rapidly growing concern as organizations' cyber defenses lag well behind. This includes a major lack of protection against AI threats, as well as API and business logic attacks, among others.
'The weaponization of AI by malicious actors is intensifying cybersecurity threats and drawing even more attention to areas where companies are simply ill-protected,' said Shira Sagiv, Radware's vice president of product portfolio. 'Internal alarms should be sounding. Companies openly admit to major concerns about gaps in cyber protection and lack of readiness, especially around web applications and APIs; yet their usage continues to climb creating even more risk and exposure.'
KEY FINDINGS
The scramble is on to catch up with AIAccording to the report, the use of AI to improve and intensify hacking tradecraft is of greatest concern. Organizations have significant concerns about threat actors using AI to generate new attacks at a faster cadence, bypassing existing defenses and compromising areas that were previously too difficult to attack.
Top concerns: The following percentage of respondents are highly or extremely concerned about hackers using AI:
To create/improve hacking tools – 70%.
To generate a larger volume of cyberattacks – 67%.
To launch new zero-day attack vectors – 66%.
Large readiness gap: Despite the concerns about hackers embracing AI, only 8% of organizations are currently using AI-based solutions for defenses.
AI adoption: Four out of five organizations plan to implement AI-based cybersecurity solutions within the next 12 months.
Security fails to keep up with sprawling API ecosystemsAPIs are in a constant state of fluctuation. Organizations are increasing their use of APIs even while they remain ill-protected.
Surge in API usage and updates: In 2025, API usage is up 42% compared to the highest rate of usage in 2023, with multiple daily updates to APIs surging 6X during the same time frame.
Widespread third-party usage: On average, organizations are using 19 third-party APIs per application, which introduces new types of threats around data compromise that cannot be mitigated at a coding level.
Poor business logic attack mitigation: Business logic attacks, a common form of API attacks, represent a threat area of rapidly growing concern. While 81% of respondents say it is very or extremely important to have real-time protection measures in place:
Just half have deployed runtime business logic protections.
Only 29% have security staff fully trained to detect and mitigate these attacks.
Lack of preparedness:
On average, only 6% of respondents have full documentation for all their APIs.
Half of respondents don't know what third-party code is being used by their web applications, which data is being leaked to third-party services, and when malicious scripts and services are introduced.
Risks to resilience continue to riseSurvey respondents expressed a lack of confidence in the effectiveness of their defensive posture against growing threats.
Third-party breaches: Only 16% of respondents are confident in their current protection against data breach attempts of third-party services code running on their web applications.
Costly DDoS disruptions: Downtime caused by an application DDoS attack averages $6,100 per minute or $366,000 per hour.
High compliance pressures: An average of 54% of respondents express high or extreme concern about a range of regulations, including NIS2, HIPAA, SEC, PCI DSS 4, GDPR, DORA, and SOX.
MethodologyThe survey, which was conducted with Osterman Research, includes responses from compliance, chief risk, and data privacy officers; vice presidents of research and development; senior network security administrators; senior DevOps and DevSecOps administrators; cloud security; API architects; among other titles. The survey was conducted in nine countries across North America, EMEA, APAC, and LATAM.
Radware's complete 2025 Cyber Survey: Application Security at a Breaking Point can be downloaded here.
About RadwareRadware® (NASDAQ: RDWR) is a global leader in application security and delivery solutions for multi-cloud environments. The company's cloud application, infrastructure, and API security solutions use AI-driven algorithms for precise, hands-free, real-time protection from the most sophisticated web, application, and DDoS attacks, API abuse, and bad bots. Enterprises and carriers worldwide rely on Radware's solutions to address evolving cybersecurity challenges and protect their brands and business operations while reducing costs. For more information, please visit the Radware website.
Radware encourages you to join our community and follow us on: Facebook, LinkedIn, Radware Blog, X, and YouTube.
©2025 Radware Ltd. All rights reserved. Any Radware products and solutions mentioned in this press release are protected by trademarks, patents, and pending patent applications of Radware in the U.S. and other countries. For more details, please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.
THIS PRESS RELEASE AND THE 2025 CYBER SURVEY: APPLICATION SECURITY AT A BREAKING POINT ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. THESE MATERIALS ARE NOT INTENDED TO BE AN INDICATOR OF RADWARE'S BUSINESS PERFORMANCE OR OPERATING RESULTS FOR ANY PRIOR, CURRENT, OR FUTURE PERIOD.
Radware believes the information in this document is accurate in all material respects as of its publication date. However, the information is provided without any express, statutory, or implied warranties and is subject to change without notice.
The contents of any website or hyperlinks mentioned in this press release are for informational purposes and the contents thereof are not part of this press release.
Safe Harbor Statement This press release includes 'forward-looking statements' within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made herein that are not statements of historical fact, including statements about Radware's plans, outlook, beliefs, or opinions, are forward-looking statements. Generally, forward-looking statements may be identified by words such as 'believes,' 'expects,' 'anticipates,' 'intends,' 'estimates,' 'plans,' and similar expressions or future or conditional verbs such as 'will,' 'should,' 'would,' 'may,' and 'could.' For example, when we say in this press release that the weaponization of AI by malicious actors is intensifying cybersecurity threats and drawing even more attention to areas where companies are simply ill-protected and that their usage continues to climb creating even more risk and exposure, we are using forward-looking statements. Because such statements deal with future events, they are subject to various risks and uncertainties, and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware's current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions, including as a result of the state of war declared in Israel in October 2023 and instability in the Middle East, the war in Ukraine, tensions between China and Taiwan, financial and credit market fluctuations (including elevated interest rates), impacts from tariffs or other trade restrictions, inflation, and the potential for regional or global recessions; our dependence on independent distributors to sell our products; our ability to manage our anticipated growth effectively; our business may be affected by sanctions, export controls, and similar measures, targeting Russia and other countries and territories, as well as other responses to Russia's military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries; the ability of vendors to provide our hardware platforms and components for the manufacture of our products; our ability to attract, train, and retain highly qualified personnel; intense competition in the market for cybersecurity and application delivery solutions and in our industry in general, and changes in the competitive landscape; our ability to develop new solutions and enhance existing solutions; the impact to our reputation and business in the event of real or perceived shortcomings, defects, or vulnerabilities in our solutions, if our end-users experience security breaches, or if our information technology systems and data, or those of our service providers and other contractors, are compromised by cyber-attackers or other malicious actors or by a critical system failure; our use of AI technologies that present regulatory, litigation, and reputational risks; risks related to the fact that our products must interoperate with operating systems, software applications and hardware that are developed by others; outages, interruptions, or delays in hosting services; the risks associated with our global operations, such as difficulties and costs of staffing and managing foreign operations, compliance costs arising from host country laws or regulations, partial or total expropriation, export duties and quotas, local tax exposure, economic or political instability, including as a result of insurrection, war, natural disasters, and major environmental, climate, or public health concerns; our net losses in the past and the possibility that we may incur losses in the future; a slowdown in the growth of the cybersecurity and application delivery solutions market or in the development of the market for our cloud-based solutions; long sales cycles for our solutions; risks and uncertainties relating to acquisitions or other investments; risks associated with doing business in countries with a history of corruption or with foreign governments; changes in foreign currency exchange rates; risks associated with undetected defects or errors in our products; our ability to protect our proprietary technology; intellectual property infringement claims made by third parties; laws, regulations, and industry standards affecting our business; compliance with open source and third-party licenses; complications with the design or implementation of our new enterprise resource planning ('ERP') system; our reliance on information technology systems; our ESG disclosures and initiatives; and other factors and risks over which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, refer to Radware's Annual Report on Form 20-F, filed with the Securities and Exchange Commission (SEC), and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware's public filings are available from the SEC's website at www.sec.gov or may be obtained on Radware's website at www.radware.com.
Media Contact:Gerri DyrekRadwareGerri.Dyrek@radware.com
Photos accompanying this announcement are available at
https://www.globenewswire.com/NewsRoom/AttachmentNg/f5342914-5ae1-430e-a838-b75e663c5eb4
https://www.globenewswire.com/NewsRoom/AttachmentNg/83a75b37-0294-485f-a2b8-c968fd9fce15
https://www.globenewswire.com/NewsRoom/AttachmentNg/08209312-e0da-48d4-a5aa-aa7deea6b77d
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
32 minutes ago
- Forbes
From Cognitive Debt To Cognitive Dividend: 4 Factors
Benjamin Franklin portrait and light bulbs idea concept on white background When an eye-catching (not yet peer reviewed) MIT Media Lab paper — Your Brain on ChatGPT — landed this month, the headline sounded almost playful. The data are anything but. Over four months, students who leaned on a large-language model to draft SAT-style essays showed the weakest neural connectivity, lowest memory recall, and flattest writing style of three comparison groups. The authors dub this hidden cost cognitive debt: each time we let a machine think for us, natural intelligence quietly pays interest. Is it time to quit the AI train while we still can, or this the moment to adopt a more thoughtful yet pragmatic alternative to blind offloading? We can deliberately offset cognitive debt with intentional mental effort, switching between solo thinking and AI-assisted modes to stretch neural networks rather than letting them atrophy. Drawing from insights into physiology, this might be the moment to adopt a cognitive high-intensity interval training. To get started think in terms of four sequential guardrails, the 4 A-Factors — that convert short-term convenience into the long-term dividend of hybrid Intelligence:. Attitude: Set The Motive Before You Type (Or Vibe Code) Mindset shapes outcome. In a company memo published on 17 June 2025, Amazon chief executive Andy Jassy urged employees to 'be curious about AI, educate yourself, attend workshops, and experiment whenever you can'. Curiosity can frame the system as a colleague rather than a cognitive crutch. Before opening a prompt window, write one sentence that explains why you are calling on the model, for example, 'I am using the chatbot to prototype ideas that I will refine myself.' The pause anchors ownership. Managers can reinforce that habit by rewriting briefs: swap verbs such as generate or replace for verbs that imply collaboration like co-design or stress-test. Meetings that begin with a shared intention end with fewer rewrites and stronger ideas. Approach: Align Aspirations, Actions And Algorithms Technology always follows incentives. If we measure only speed or click-through, that is what machines will maximize, often at the expense of originality or empathy. It does not have to be an either-or equation. MIT Sloan research on complementary capabilities highlights that pattern recognition is silicon's strength while judgment and ethics remain ours. Teams therefore need a habit of alignment. First, trace how a desired human outcome, i.e. say, customer trust, translates into day-to-day actions such as transparent messaging. Then confirm that the optimization targets inside the model rewards those very actions, not merely throughput. When aspirations, actions, and algorithms pull in one direction, humans stay in the loop where values matter and machines are tailored with a prosocial intention to accelerate what we value. Ability: Build Double Literacy Tools do not level the playing field; they raise the ceiling for those who can question them. An EY Responsible AI Pulse survey released in June 2025 reported that fewer than one-third of C-suite leaders feel highly confident that their governance frameworks can spot hidden model errors. Meanwhile an Accenture study shows that ninety-two per cent of leaders consider generative AI essential to business reinvention. The gap is interesting. Closing it requires double literacy: fluency in interpersonal, human interplays and machine logic. On the technical side, managers should know how to read a model card, notice spurious correlations, and ask for confidence intervals. On the human side, they must predict how a redesigned workflow changes trust, autonomy, or diversity of thought. Promotions and pay should reward people who speak both languages, because the future belongs to translators, not spectators. Ambition: Scale Humans Up, Not Out The goal is not to squeeze people out but to stretch what people can do. MIT Sloan's Ideas Made to Matter recently profiled emerging 'hybrid intelligence' systems that amplify and augment human capability rather than replace it.. Ambition reframes metrics. Instead of chasing ten-per-cent efficiencies, design for ten-fold creativity. Include indicators such as learning velocity, cross-domain experimentation, and employee agency alongside traditional return on investment. When a firm treats AI as a catalyst for human ingenuity, the dividend compounds: faster product cycles, richer talent pipelines, and reputational lift. 4 Quick Takeaways Attitude → Write the 'why' before the prompt; the pause keeps you in charge. Approach → Harmonize values and tools; adjust the tool when it drifts away from the values you believe in, as a human, offline. Not the other way → Learn to challenge numbers and narratives; double literacy begins with you. Ambition → Audit metrics quarterly to be sure they elevate human potential. Cognitive Debt Is Not Destiny Attitude steers intention, approach ties goals to code, ability equips people to question what the code does, and ambition keeps the whole endeavor pointed at humane progress. Run every digital engagement through the 4 A factor grid and yesterday's mental mortgage turns into tomorrow's dividend in creativity, compassion and shared humanistic value for all stakeholders.
Business Insider
an hour ago
- Business Insider
The Week That Was, The Week Ahead: Macro & Markets, June 22, 2025
Everything to Know about Macro and Markets Stocks closed mixed on Friday amid hopes for de-escalation in the Middle East, still clocking in a second straight week in the red. Despite eking out a small increase on the last trading day of the holiday-shortened week, the Dow Jones Industrial Average (DJIA) ended the weekly session down 1.77%, returning to a year-to-date loss. Meanwhile, the S&P 500 (SPX) fell 1.28%, and the tech-heavy Nasdaq-100 (NDX) lost 1.31% for the week, with both benchmarks still in the green for the year. Confident Investing Starts Here: The Trade War and The Real War Stock markets were moved by geopolitical news during the week, with the Federal Reserve's policy meeting adding a significant macro highlight. The week opened positively as fears of all-out Mideast war eased, after which the rally crumbled – and crude resumed its climb – as Tehran threatened escalation and former President Donald Trump demanded 'total surrender.' After Thursday's Juneteenth closure, investors returned on Friday hoping for the best – but stocks lost ground throughout the day on another bout of trade news. The declines were led by semiconductor and chip equipment stocks, which fell after The Wall Street Journal reported that the U.S. plans to cancel the blanket waivers that allow international chip companies like Samsung, SK Hynix , and TSMC to easily send American chipmaking equipment to their factories in China. The possibility of new restrictions hit risk appetite that had just begun recovering on signs that Trump is giving a chance to diplomacy vis-à-vis Tehran, and after Fed Governor Christopher Waller said he sees a rate cut in July, adding that the inflation hit from tariffs is likely to be short-lived. The Rock and The Hard Place Wednesday's Fed interest rate decision brought no surprises, as the central bank kept rates unchanged, noting that uncertainty 'has diminished but remains elevated.' Fed Chair Jerome Powell noted that 'the economy is in a solid position,' and the Fed is well-positioned to provide a timely response to any economic developments. The Fed's 'Dot Plot' also remained unchanged, as policymakers still expect two rate cuts this year. However, expectations for inflation and unemployment by the end of 2025 both rose, while projections for GDP growth declined, underscoring the Fed's difficulties in establishing monetary policy amid contrasting economic crosscurrents and elevated geopolitical risks. Meanwhile, economic data appear to be confirming the Fed's view of a gradually softening economy. Retail sales fell for a second straight month in May, declining by the most so far in 2025 and marking the first back-to-back monthly decline since the end of 2023. Industrial production declined again, and the NAHB homebuilder confidence index slumped to its lowest since the end of 2022 – while new home construction dropped to the lowest level since 2020. This and other data, coupled with the Fed's updated economic projections, might keep 'stagflation' in the headlines. Sunday's news that the U.S. had struck Iran's nuclear facilities set the stage for a further rise in oil prices, adding short-term inflationary pressures and weighing on investor risk appetite. Markets remain wedged between escalating global risk and weakening fundamentals – with Fed policy constrained, volatility high, and few near-term catalysts to shift sentiment decisively. Stocks That Made the News ▣ Chip equipment makers Lam Research (LRCX), KLA Corp (KLAC), and Applied Materials (AMAT) – along with chipmakers including Nvidia (NVDA), Broadcom (AVGO), and TSMC (TSM) – slumped on the report that the Commerce Department is mulling plans to make it more difficult for U.S. semiconductor equipment to be shipped to Chinese fabs. ▣ Accenture (ACN) shares tumbled by more than 9% on the week after it reported weaker-than-expected bookings for its fiscal third quarter. Although the professional services giant beat on sales and profits, which were boosted by demand related to AI services, the earnings call reflected hesitancy regarding the near-term outlook due to the uncertain global economic backdrop. ▣ Kroger (KR) shares surged by nearly 9% on better-than-expected profit and identical sales growth in fiscal Q1. The operator of the largest chain of traditional grocery stores in the U.S. boosted its full-year identical sales growth forecast and maintained its other guidance. ▣ Coinbase Global (COIN) was by far the best S&P 500 performer last week, clocking in over 20% gain. The shares of the largest U.S. cryptocurrency exchange operator soared after the Senate passed the GENIUS Act, providing a regulatory framework for companies issuing stablecoins and introducing guardrails to prevent the collapse of the digital assets. The Q1 2025 earnings season is over, but several notable earnings releases are still scheduled for the next few days. These include Carnival (CCL), FedEx (FDX), TD SYNNEX (SNX), Micron (MU), General Mills (GIS), Paychex (PAYX), and Nike (NKE).
Yahoo
an hour ago
- Yahoo
Midjourney 推出首個 AI 影片生成模型 V1,正式進軍生成影片服務行列
雖然大家都經常玩 ChatGPT 的圖像生成功能,但說到元祖級、最強的 AI 圖像生成服務,必定是Midjourney,而他們在星期三宣布推出首款 AI 影片創作模型 V1,正式進軍生成影片服務行列。用戶只需上傳一張圖片或相片,就能自動生成一條約 4 – 5 秒長的影片。 上傳相片後,V1 可以很簡單地用自動方式生成影片,當然亦有提供一些設定讓用戶去調整,例如使用手動模式以文字描述想要加入的特定動畫效果,又或者調整鏡頭走向等。Midjourney V1 可由一張相片自動生成一條為 480p 解像度、約 5 秒長的影片,但其實用戶在生成後可延長影片四秒、最多四次,因此最長是可生成時長達 21 秒的影片。目前想體驗 V1 的話,每月USD $10 的 Basic 訂閱計劃就可以試用得到,而 USD $60 的 Pro 計劃與 USD $120 的 Mega 計劃用戶,則可在「Relax」模式下無限量地生成影片。Midjourney 表示將會在接下來的一個月內,重新評估影片模型的收費方案。 Introducing our V1 Video Model. It's fun, easy, and beautiful. Available at 10$/month, it's the first video model for *everyone* and it's available now. — Midjourney (@midjourney) June 18, 2025 Midjourney 對 AI 影片模型的期望,不僅於為電影領域影片提供補充素材(B-roll)或製作廣告。據 TechCrunch 的報導指,Midjourney 創始人大衛霍爾茲(David Holz)表示 AI 影片模型的下一步是建構出能夠「即時運行的開放世界模擬」的 AI 模型。現時 Midjourney 正處於與迪士尼與環球影業的侵權訴訟之中,會否成為新服務的絆腳石,屬未知之數。 更多內容: TechCrunch 迪士尼與環球影業聯合狀告 AI 製圖 Midjourney:「侵權與抄襲的無底洞」求償超過 5.9 億美元 古天樂 x AI!本地電影導入 AI 技術示範作,用 Google VEO 2 協助製高質影片 Google I/O 2025 | Google 的 Veo 3 AI 模型現在可以為影片生成搭配的音軌 緊貼最新科技資訊、網購優惠,追隨 Yahoo Tech 各大社交平台! 🎉📱 Tech Facebook: 🎉📱 Tech Instagram: 🎉📱 Tech WhatsApp 社群: 🎉📱 Tech WhatsApp 頻道: 🎉📱 Tech Telegram 頻道:
