Phishing Attacks, Deepfakes Top AI-Powered Threats

Phishing attacks and deepfake-enhanced fraud pose the greatest AI-powered threats to organizations, according to a new survey of chief information security officers (CISOs) from top firms. 

A notable 75% of respondents said phishing attacks and 56% said deepfake-enhanced fraud through voice or video were their biggest concerns. Seventy percent of the CISO questioned said their budgets increased in 2024 compared to 2023 in response to these growing threats.

Credit: Team8

This is supported by a Gartner report projecting that global spending on security and risk management will reach $215 billion in 2024, a 14.3% increase from 2023.

The respondents also highlighted a lack of expertise (58%) and balancing security with usability as the two main challenges organizations face when defending AI systems.

The full results are published in Team8’s 2024 CISO Village Survey Report which is based on a survey taken at the company’s annual CISO Summit attended by more than 100 cybersecurity executives from companies including Oracle and Barclays. 

Team8 is a global Venture-Creation and Venture Capital Fund that creates and invests in companies focusing on Cybersecurity, Data & AI, Fintech and Digital Health.

The company said its findings shed light on the emerging cybersecurity landscape, which is increasingly influenced by AI. It also highlights the environment in which CISOs, who are now facing unprecedented pressures due to increased government and corporate scrutiny, are operating.

Related:Microsoft, Palantir Partner to Bring Secure AI to Defense Agencies

Fifty-four percent said their well-being has been impacted due to liability concerns, while 32% have actively taken steps to mitigate personal legal risk by seeking legal counsel, purchasing additional insurance or adjusting their contract.

“The latest SEC rulings and rising liability pressures have pushed CISOs into new and complex territory, intensifying both the legal and emotional challenges they must navigate," said Ross Young, CISO in Residence at Team8. 

"This pivotal shift carries far-reaching consequences – not only for the well-being of CISOs but for the security and resilience of organizations globally.”

CISOs are responding to the new technological advancements that are rapidly transforming the threat landscape, however, said Amir Zilberstein, managing partner at Team8 and co-founder of Claroty.

“Balancing these emerging threats with ongoing issues like identity and third-party risk management will be a critical challenge in the coming years.”

Credit: Team8

Survey respondents also said there are several critical data security concerns that currently lack adequate solutions – these include insider threats and next-gen DLP (65%), third-party risk management (46%), AI application security (43%), human identity management (40%) and security executive dashboards (40%). 

Related:AI Cybersecurity Startup Raises $250M to Enhance Security Platform

Forty-one percent expect to explore purchasing solutions for managing the AI development lifecycle within the next one to two years. Additionally, many CISOs are prioritizing solutions for third-party AI application data privacy (36%) and tools to discover and map Shadow AI usage (33%).

This article first appeared in IoT World Today's sister publication AI Business.