AI will be a major contributor to cyber threats and companies’ responses to those threats in the coming years. Here are some of the major trends to keep in mind when navigating these new threats and when deciding how to integrate AI into cybersecurity operations.
AI has dramatically accelerated the pace of change in the cyber threat landscape. It has significantly lowered the barriers to entry for cybercriminals around the world — from the widespread availability of powerful social engineering tools like large language models (LLMs) and deepfakes to AI-powered surveillance and data analysis. Meanwhile, companies are increasingly using AI to strengthen their cyber defenses through vulnerability assessments, remediation, and automated security tasks.
Last year, RTInsights published an article that considered how AI would drive shifts in cybersecurity. The article was based on research from Gartner, which mapped several of the most prominent trends in cybersecurity and analyzed how AI would intersect with those trends. While some trends have persisted into 2024 (such as the need for updated cybersecurity awareness training), there are several new developments that should alter companies’ approach to cybersecurity as AI advances.
AI will be a major contributor to cyber threats and companies’ responses to those threats in the coming years. This isn’t a time for CISOs and other security leaders to be reactive — they must prepare their companies to navigate a new cyber threat landscape while determining how to integrate AI into their cybersecurity operations.
See also: Report: AI and Cybersecurity Drive Industrial Investments
Trend #1: AI will propel a new wave of social engineering attacks
The emergence of LLMs and deepfakes will make social engineering more effective. According to Verizon’s 2024 Data Breach Investigations Report, 68 percent of breaches involve a human element. This is why cybercriminals are taking advantage of the new AI weapons in their arsenal to deceive and manipulate employees to infiltrate networks, exfiltrate sensitive information, and steal money.
For example, cybercriminals are using LLMs to mass produce highly personalized and convincing phishing messages that victims are much more likely to click on. Google reports that companies should expect LLMs to be “utilized in phishing, SMS, and other social engineering operations.” Meanwhile, Microsoft has already observed the widespread use of LLMs by major cybercriminal organizations around the world.
Cybercriminals have also used deepfakes to launch sophisticated multi-level cyberattacks. For example, after victims receive a phishing message, they may call to confirm and end up talking to a deepfaked interlocutor. As rates of fraud spike, the FTC expects deepfakes to “turbocharge this scourge.” It’s no wonder why: less than half of Americans say they’re “confident in their ability to identify deepfake videos or AI-generated audio.”
Trend #2: AI will force companies to reevaluate existing cybersecurity processes
While AI provides companies with a broader range of cybersecurity tools than ever before, the rapid evolution of the technology has also created an AI arms race — as defenses improve, so do methods of intrusion. This means CISOs and other security leaders will have to reassess several major cybersecurity mechanisms.
For example, deepfakes are poised to make biometric identity verification less effective — Gartner’s latest research found that 30 percent of enterprises will no longer consider these “authentication solutions to be reliable in isolation” by 2026. Companies are setting up AI-enabled “identity threat detection and response” tools, such as phishing defenses that analyze messages on the basis of content, sender credentials, and email header information. But cybercriminals are simultaneously developing workarounds with the help of LLMs and other AI tools, and phishing remains the most common and second-costliest initial attack vector.
Through 2025, Gartner expects that AI will require companies to increase spending on application and data security by at least 15 percent. This is consistent with other research, such as a recent PwC report, which found that 79 percent of executives will increase their cyber expenditures in 2024 — up from 64 percent in 2023. CISOs and other security leaders must determine how to make these investments as effectively as possible.
Trend #3: AI will have a significant impact on supply chain cybersecurity
Supply chain breaches are among the most destructive cyberattacks. The SolarWinds hack was one of the largest infiltrations of all time, and the company found that the “most likely attack vectors came through a compromise of credentials and/or access through a third-party application.” According to the latest data from Verizon, there was a 68 percent increase in the amount of “supply chain interconnection” involved in breaches between 2023 and 2024.
In 2022, Gartner predicted that 45 percent of organizations around the world would experience cyberattacks on their software supply chains by 2025 — a three-fold increase since 2021. This new era of supply chain cyberattacks is upon us. IBM reports that 27 percent of total breaches in 2023 could be attributed to attacks on software or business partner supply chains.
Companies can use AI to run simulations that mirror potential supply chain attacks, detect fraud and malicious network activity, and help companies cut down on response times in the event of a breach. But AI also allows cybercriminals to probe potential weak links in the supply chain and launch social engineering attacks that give them a foothold at critical access points. These are reminders that it’s crucial to have the right security protocols in place across the supply chain, from AI identification and response systems to high-quality cybersecurity awareness training.
Trend #4: Comprehensive cybersecurity is vital in the AI era
The AI arms race is intensifying, and companies can’t afford to wait for the latest cybersecurity technology to be released. At a time when social engineering remains the tactic of choice for most cyberattacks, security leaders have to ensure that they’re developing a culture of cybersecurity at every level of their companies and providing the resources employees need to protect the organization.
According to IBM, employee training is one of the most significant mitigating factors in the overall cost of a data breach — outpacing insurance, encryption, AI-driven insights, and other resources. AI and cybersecurity training should complement each other. Gartner anticipates that “by 2028, multiagent AI in threat detection and incident response will rise from 5 percent to 70 percent of AI implementations to primarily augment, not replace staff.”
Cybersecurity awareness training must evolve to meet the demands of the AI era. This doesn’t just mean training employees to identify sophisticated LLM-generated phishing messages and deepfakes. It also means leveraging AI to generate predictive behavioral profiles, address employees’ specific vulnerabilities with customized interventions, and empower workforces to thwart cyberattacks in an era when they can no longer trust their eyes and ears. As Gartner puts it, companies must “prioritize investments in AI augmentation of the workforce, not just task automation. Prepare for short-term increased spend and long-term skill requirements changes due to GenAI.”
Nearly 90 percent of organizations are still researching or piloting generative AI, making it difficult to predict which technologies and applications will fade with the hype cycle and which ones are here to stay. But companies can prepare for whatever the future might hold by developing a holistic cybersecurity strategy that harnesses the power of AI while preparing employees to resist the rapidly evolving threats that this revolutionary technology has created.
