Phishing and deepfakes are leading AI-powered threats
A new survey of cybersecurity professionals finds that 75 percent of respondents think phishing attacks pose the greatest AI-powered threat to their organization, while 56 percent say deepfake enhanced fraud (voice or video) poses the greatest threat.
The study from Team 8, carried out at its annual CISO Summit, also finds that lack of expertise (58 percent) and balancing security with usability (56 percent) are the two main challenges organizations face when defending AI systems.
In order to address the threats 41 percent of CISOs expect to explore purchasing solutions for managing the AI development lifecycle within the next one to two years. Additionally, many CISOs are prioritizing solutions for third-party AI application data privacy (36 percent) and tools to discover and map shadow AI usage (33 percent).
CISOs identify several critical data security concerns that currently lack adequate solutions -- insider threats and next-gen DLP (65 percent), third-party risk management (46 percent), AI application security (43 percent), human identity management (40 percent), and security executive dashboards (40 percent).
"Recent technological advancements have rapidly transformed the threat landscape, and CISOs are responding. As companies evolve from using third-party AI tools to developing their own AI applications, securing AI development pipelines and data infrastructure has become a priority. At the same time, AI also introduces new, novel risks, such as deepfakes and social engineering, which are unfamiliar territory for CISOs. Balancing these emerging threats with ongoing issues like identity and third-party risk management will be a critical challenge in the coming years," says Amir Zilberstein, managing partner at Team8 and co-founder of Claroty.
The survey finds 54 percent of CISOs say that their personal well-being has been impacted due to concerns about liability, while 32 percent have actively taken steps to mitigate personal legal risk, through actions such as seeking legal counsel, purchasing additional insurance or adjusting their contract. Meanwhile, 54 percent report experiencing significantly tighter scrutiny from their superiors over the past year despite their budgets and scope increasing.
"The latest SEC rulings and rising liability pressures have pushed CISOs into new and complex territory, intensifying both the legal and emotional challenges they must navigate," says Ross Young, CISO in residence at Team8. "This pivotal shift carries far-reaching consequences -- not only for the well-being of CISOs but for the security and resilience of organizations globally. With AI-driven threats on the rise, the CISOs who excel will be those who can adeptly manage these mounting pressures while staying focused on the critical mission of protecting against an ever-evolving threat landscape."
The full report can be downloaded from the Team8 site.
Image credit: BiancoBlue/depositphotos.com