Nearly a quarter of cybersecurity bosses said their companies have experienced an attack powered by artificial intelligence in the past year, according to a new survey in which AI risk emerged as the defining challenge.
The number of AI-enabled attacks is likely underestimated because they are often hard to differentiate from human-led efforts, according to a report from the Tel Aviv-based venture fund Team8, which focuses on cybersecurity, AI, data, fintech and digital health. For the survey, the firm queried about 110 chief information security officers, who expressed both fear of malicious uses of AI and hope that it could improve cyber defenses.
“We’ve already seen the impact of AI-driven attacks — especially sophisticated phishing and deepfake campaigns that are incredibly convincing and hard to catch,” said Mandy Andress, the CISO at Elastic, an information technology and data analysis firm, in a statement provided with Team8’s survey. “It’s clear we’re in the early stages of an AI arms race, and right now, the attackers moved first and have the edge.”
The most visible examples of AI-enabled attacks include deepfakes, voice cloning and real-time impersonation tactics to exploit human trust, the report said. But AI can also be used to augment and accelerate attacks and may soon evolve into autonomous weapons capable of acting without human intervention, Team8 said.
“They can exploit vulnerabilities at scale in an automated manner,” said Noa Hen, Team8 strategy director. “They can use AI to write malware much faster.”
Nearly 40% of the CISOs cited securing so-called AI agents that field tasks for users as an unsolved cybersecurity challenge, with the report noting that they can be tricked by attackers or take the wrong actions. Nearly as many CISOs said they worried about securing AI usage among employees. “That’s because very few organizations are getting it right,” according to Team8. “CISOs today face a lose-lose trade-off: either restrict access and stifle innovation or allow usage without controls and accept unmanaged risk.”
In terms of using AI to beef up cyber defenses, 77% of the CISOs expected that the first instances where autonomous AI agents would replace human labor would be less-experienced analysts in security operations centers, according to the survey. Such centers detect and respond to security incidents at organizations.
“AI at its heart is all about speed and scale,” said Mike Rogers, a former admiral who led the National Security Agency and US Cyber Command and who is now operating partner at Team8. “It helps an attacker from that perspective, but that’s what we need to help the defender.”
The CISOs also cited also reflect recurrent issues such as computer systems’ vulnerabilities.
More than 40% of survey respondents indicated that more than 40% of “critical” vulnerabilities had persisted past the deadline to resolve them, according to the report. The reason for those unpatched flaws, most respondents said, was limited staff or time. Some cybersecurity leaders indicated patches were unavailable, or that taking systems down to fix them could slow their companies’ operations.
Team8’s survey also found that about 60% of the CISOs’ organizations preferred “best-of-breed” cybersecurity tools, as opposed to consolidated platforms. The finding suggests a turning point after years in which companies sought to reduce the number of vendors and curb costs by purchasing bundles of different types of cybersecurity products from one major company.
“While platforms once promised simplicity and scale, many CISOs are finding that breadth often comes at the expense of depth,” Team8 said.
Topics Trends Cyber InsurTech Data Driven Artificial Intelligence
Was this article valuable?
Here are more articles you may enjoy.
Nursing Homes Struggle With Trump’s Immigration Crackdown 
Ken Griffin-Backed Florida Bill for Non-Competes Becomes Law 
US Tariffs Projected to Slow Global Economy and Insurance Premium Growth: Swiss Re 
Florida Meteorologist Predicts Where the Next Hurricane Will Hit, For a Price 
