The 2025 edition of the Moroccan corporate cybersecurity barometer has been released by the Moroccan Association of Information System Users (AUSIM) in collaboration with international consulting firm PwC. The comprehensive white paper, titled “AUSIM Cybersecurity Barometer Morocco 2025,” presents a detailed overview of cyber threats and recommended strategies across five key areas.
The study emphasizes that cybersecurity has evolved beyond technical constraints to become an essential lever for resilience and competitiveness. As companies adopt advanced digital tools, their exposure to threats—including ransomware, targeted attacks, and data breaches—expands accordingly. The report warns that cybercriminals are refining their methods, forcing businesses to integrate security into their core strategy.
“Cyber governance is evolving: security can no longer be an isolated subject entrusted solely to IT experts,” the survey emphasizes, calling for executives and decision-makers to “actively engage in risk prevention and regulatory compliance.”
Regarding emerging trends, the barometer indicates that cloud computing and artificial intelligence present both opportunities and challenges. While they offer more flexible solutions for protecting digital infrastructure, they also introduce new security vulnerabilities. The survey reveals that 34% of Moroccan technology leaders prioritize cloud investments for cybersecurity, while 42% of global executives perceive it as an increased risk vector.
Human capital remains a critical vulnerability, with human error continuing to be a primary vector for cyberattacks. According to the report, 52% of Moroccan companies consider employee awareness a major challenge, particularly regarding phishing attempts, deepfakes, and password-related vulnerabilities.
The barometer outlines strategic recommendations, highlighting the adoption of the Zero Trust model as a key approach in this transformation. This model limits access to sensitive data and requires systematic verification of user identities and permissions. Investments in cybersecurity, particularly through AI and cloud computing integration, have become essential, though success ultimately depends on continuous employee training.
Regarding corporate maturity, the report reveals a mixed picture. While some organizations have established structures and effective response plans, efforts remain insufficient due to limited cybersecurity investments. The survey finds that 33% of Moroccan companies acknowledge being at an initial stage of budget management, hindering their ability to anticipate emerging threats.
The final section highlights the growing trend of outsourcing, with 64% of Moroccan companies outsourcing all or part of their cybersecurity, favoring managed services for continuous monitoring and enhanced responsiveness. Services typically delegated to specialized providers include vulnerability management, security assessment, and incident response.
The white paper concludes that while Moroccan cyber practices have evolved significantly, persistent gaps remain. It emphasizes that digital security should be viewed not as a constraint but as a guarantee of trust, a strategic asset, and an economic imperative for businesses facing tomorrow’s threats.
