Moroccan companies alert on ai’s growing cybersecurity threats

Artificial intelligence has emerged as the foremost cybersecurity concern for Moroccan organizations, outpacing even traditional cloud-related risks, according to the 2025 “Ausimètre” report. Conducted by the Moroccan Association of Information Systems Users (AUSIM) in collaboration with PwC, this annual survey reveals a troubling cybersecurity landscape increasingly influenced by sophisticated threats.

A significant one in three companies indicated that the integration of AI has broadened their attack surface. Many reported experiencing targeted and automated assaults, including machine learning-powered phishing, deepfakes, and polymorphic malware.

Despite these alarming risks, 42% of surveyed organizations admitted to lacking internal policies to regulate the use of generative AI, while another 42% acknowledged insufficient employee training on the technology. Alarmingly, 36% reported that their staff use these tools without supervision, raising concerns about potential data breaches and malicious exploitation. A Moroccan cybersecurity official emphasized the critical nature of the situation, warning that “without strict governance, AI becomes a significant vulnerability.”

As organizations grapple with these emerging threats, many are adopting Zero Trust strategies to enhance access control and mitigate potential breaches. The survey revealed that over half of the respondents prioritize employee awareness as their primary line of defense, followed closely by identity and access management and broader security governance. These findings suggest a burgeoning recognition that cybersecurity must transcend technology and permeate organizational culture.

However, a significant barrier persists: investment. Approximately a third of Moroccan companies operate at a rudimentary level of cybersecurity maturity, with constrained budgets limiting their capacity to respond to increasingly complex attacks. This underinvestment also hampers the secure adoption of emerging technologies such as blockchain, robotics, and virtual reality, which remain largely unprotected in numerous organizations.

On a global scale, the disparity is widening. While 67% of cybersecurity leaders worldwide report AI-related risks, 78% have augmented their cybersecurity budgets to counter these threats. In stark contrast, only 18% of surveyed organizations in Morocco have taken similar measures. Furthermore, cloud security remains a vulnerability, with many companies lacking clearly defined responsibilities, appropriate contractual protections, and tested recovery plans.

Nevertheless, the report offers a glimmer of optimism. Approximately 60% of Moroccan businesses intend to leverage AI to enhance threat detection, log analysis, and security operations. Experts caution, however, that these aspirations must be accompanied by clear internal policies, robust leadership, and a steadfast commitment to security governance.

The AUSIM 2025 report concludes with a compelling message: without decisive governance and sufficient investment, Moroccan organizations risk falling behind in the global struggle against cybercrime.