Increase in AI-driven assaults as Chief Information Security Officers (CISOs) focus on AI security threats

Increase in AI-driven assaults as Chief Information Security Officers (CISOs) focus on AI security threats

According to a recent report by cybersecurity firm Team8, AI-powered attacks have become a significant security concern for Chief Information Security Officers (CISOs) worldwide. One in four CISOs reported experiencing AI-generated attacks on their company networks in the past year, highlighting the growing threat of AI in the cybersecurity landscape.[1][3][4]

Key trends and challenges identified in the report include:

1. Wide Adoption of AI Agents: About 67% of enterprises are currently using AI agents, and nearly another quarter plan to deploy them soon, increasing both opportunities and attack surfaces.[1][2][3]
2. AI Prioritization: CISOs now prioritize AI risks above traditional concerns such as vulnerability management, data loss prevention, and third-party risk.[1]
3. Security and Governance of AI Agents: Securing AI agents themselves is a critical challenge mentioned by 37% of CISOs, coupled with ensuring employee use of AI tools aligns with security and privacy policies (36%).[1]
4. New Attack Vectors: AI-powered phishing, malware that autonomously evolves, and attacks that simulate legitimate human activity complicate threat detection and response.[1][4]
5. Internal Risks from Enterprise AI Adoption: Companies face challenges from unintended security consequences arising from their own AI usage, placing CISOs in a difficult position as they must enable AI adoption while mitigating its risks.[1]
6. Shadow AI Governance: Weak controls on unofficial or unanalyzed AI tool usage (shadow AI) persist, increasing risk exposure.[2]
7. Need for Advanced Detection Metrics: Because AI-driven threats operate with velocity and sophistication, there is a growing emphasis on metrics such as time to exploitation and activity velocity to detect them effectively.[1][4]
8. AI Replacing SOC Tasks: A majority of CISOs (77%) anticipate AI will gradually replace some Security Operations Center functions, illustrating AI’s dual role as both a defensive tool and a threat vector.[2]

The report also suggests that executives are worried about the unintended security consequences of their own companies' use of AI. The demand for effective 'allow-by-default' controls is acute, as security teams grapple with shadow AI usage and the absence of enterprise-grade governance frameworks.

Despite these challenges, the majority of companies (already nearly 7 in 10) are using AI agents, with another 23% planning to deploy them next year. As AI continues to permeate various aspects of business operations, CISOs face a fast-moving, poorly understood AI threat landscape with immature controls, requiring them to balance enabling AI adoption across enterprises while managing escalating, sophisticated AI-powered cyber threats.[1][4]

This comprehensive view is based on interviews with over 110 CISOs reported by Team8 in their 2025 CISO Village survey and related analysis in industry news and research briefs.[1][2][3][4] The report does not provide details about the specific AI agents or vendors mentioned.

[1] Team8. (2021). 2025 CISO Village Report. [Online]. Available: https://www.team8.co/resources/2025-ciso-village-report/ [2] Cybersecurity Ventures. (2021). The State of AI in Cybersecurity. [Online]. Available: https://cybersecurityventures.com/artificial-intelligence-in-cybersecurity/ [3] Forbes. (2021). The AI-Powered Cybersecurity Threat Landscape. [Online]. Available: https://www.forbes.com/sites/forbestechcouncil/2021/03/08/the-ai-powered-cybersecurity-threat-landscape/?sh=67c547055f4f [4] Dark Reading. (2021). The AI-Powered Threat Landscape. [Online]. Available: https://www.darkreading.com/ai/the-ai-powered-threat-landscape/d/d-id/1339401

1. CISOs globally are facing an increase in AI-generated attacks, which have become a substantial security concern, due to the wide adoption of AI agents in enterprises and the growing threat of AI in the cybersecurity landscape.
2. Security operations centers (SOC) are anticipating AI will gradually replace some of their functions, acknowledging AI's dual role as both a defensive tool and a threat vector in the cybersecurity operations.
3. Malware that autonomously evolves, AI-powered phishing, and attacks that simulate legitimate human activity pose new challenges for threat detection and response in cybersecurity, as these complex and sophisticated threats operate with velocity.
4. To manage the escalating, AI-powered cyber threats, CISOs are concerned about the unintended security consequences from their own companies' use of AI, emphasizing the urgent need for effective 'allow-by-default' controls, mature enterprise-grade governance frameworks, and advanced detection metrics such as time to exploitation and activity velocity.

Read also: