A total of 93% of respondents, it said, anticipate AI-powered tools to create cyber risk for their organisations in FY25
New Delhi: GenAI presents dual prospects of possibilities and peril, and a large majority of cybersecurity leaders from around the world are wary of its negative impact, a global survey has found.
A staggering 93% of respondents of the survey conducted by CyberArk said they anticipate a negative impact from AI, with AI-powered malware and phishing topping the list.
CyberArk’s 2024 Identity Security Threat Landscape Report — which surveyed 2,400 cybersecurity leaders across 18 countries — found that “cyber debt continues to build with GenAI the rise of machine identities, and increasing third and fourth-party risks”.
The report said about 99% of organisations take the help of AI in cybersecurity defence initiatives.
However, it also predicted “an increase in the volume and sophistication of identity-related attacks, as skilled and unskilled bad actors also increase their capabilities, including AI-powered malware and phishing”.
A total of 93% of respondents, it said, anticipate AI-powered tools to create cyber risk for their organisations in FY25.
“In the last 12 months, 9 of 10 organisations were victims of a breach due to a phishing/vishing attack. These types of attacks will be harder to detect as AI will automate and personalize the attack process,” it said.
Altogether, 93% of Indian organisations had two or more identity-related breaches in 2023, it said.
“Looking at the year ahead, organisations can expect to be affected by data leakage from compromised AI models, AI-powered malware, and phishing,” it added.
The report further raised concerns about the burgeoning circulation of deepfakes, especially with elections around the corner.
“Get ready for a pivotal and unsettling Decision 2024 as over 4 billion voters prepare to elect leaders in over 60 countries — and AI-powered deepfake campaigns become the weapon of choice for anyone wanting to influence election outcomes,” it said.
The report also named machine identities as a vulnerable source of risk, “ready to be exploited by bad actors with AI-powered ability to execute at scale”.
