AI tool usage has risen 21% year-over-year, with 65% of respondents now using AI, according to a report released by the National Cybersecurity Alliance (NCA) and CybSafe.
In fact, the adoption of AI tools is led by ChatGPT at 77% adoption, followed by Gemini usage at 49% and Copilot at 26%. Yet despite this surge, 58% of users report receiving no training on security or privacy risks associated with these technologies. Even more concerning, 43% admitted to sharing sensitive workplace information with AI tools without employer knowledge, including internal company documents (50%), financial data (42%), and client data (44%).
“AI adoption has skyrocketed in just one year – from 44% in 2024 to 65% today – yet safe practices still lag dangerously behind,” says Lisa Plaggemier, executive director of the National Cybersecurity Alliance. “Last year’s report showed early warning signs of this gap, and this year’s findings confirm it’s widening. People are embracing AI in their personal and professional lives faster than they are being educated on its risks. Without urgent action to close this gap, millions are at risk of falling victim to AI-enabled scams, impersonation, and data breaches.”
Key takeaways:
· Cybercrime victimization, including crypto scams, phishing attacks, identity theft, tech support scams, and online dating scams, has risen sharply. 44% of respondents reported experiencing cybercrime that led to data or monetary loss, a 9% increase from the previous year. Younger generations were hit hardest: 59% of Gen Z and 56% of Millennials reported losses from scams ranging from phishing to cryptocurrency fraud.
· More than half of participants (55%) report having no access to cybersecurity training, a figure that has barely shifted from last year. Even among those with access, only 32% said they use it. 47% of respondents credit it with improving their ability to recognize phishing, 42% said it encouraged them to adopt multi-factor authentication and 40% adopted strong passwords. Time constraints and doubts about its effectiveness remain leading reasons why many skip training altogether, underscoring the need for a more outcomes-focused approach and a recognition that training doesn’t guarantee behavior change .
· Just 62% of respondents report regularly creating unique passwords, a decline from last year, while 41% never use a password manager. While multi-factor authentication is widely recognized (77%), less than half (41%) use it regularly. Software updates show slightly better traction, with 56% of participants updating frequently, though fewer than half (47%) consistently back up important data. These gaps reveal persistent vulnerabilities in even the most basic security measures.
· Overall, roughly two-thirds of participants (66%) are confident in their ability to identify a malicious email or link, but confidence differs sharply by age and geography. Millennials remain the most confident (72%), followed by Gen Z (66%), while Baby Boomers and the Silent Generation trail significantly. Despite rising confidence, fewer than half of participants regularly report phishing attempts, limiting the broader impact of individual vigilance.
· Nearly two-thirds of respondents (63%) express concern about AI-related cybercrime, particularly impersonation and scam evasion. 65% percent believe AI will make it easier for criminals to pose as someone else, while 67% worry it will make real and fake information harder to distinguish. More than half (54%) also think AI will make scams harder to detect overall, with 44% anticipating potential changes to their employment status as the technology becomes more integrated into daily life.
“Cybercrime is no longer just an occasional risk; it's becoming a routine experience particularly for younger generations who are deeply immersed in digital life,” says Oz Alashe MBE, CEO and founder of CybSafe. “And even as cybercrime is hitting younger generations hardest, most people still lack access to effective training and continue to struggle with basic security habits.”
