Dive Brief:
- AI-assisted attacks were the top emerging business risk through the first three quarters of the year, Gartner said in a Friday report. Four in 5 executives Gartner surveyed named AI-enhanced malicious attacks as the top emerging risk in Q3.
- The report, based on a survey of 286 senior risk and assurance executives, forecasts potential future risk — scenarios that haven’t been realized by enterprises but could bear a significant impact in time.
- The remaining top five most commonly cited emerging risks include AI-assisted misinformation, escalating political polarization, globally consequential risk and a misaligned organizational talent profile.
Dive Insight:
Worries about threat groups using AI in a meaningful way in cyberattacks continue to outpace reality. Researchers have not identified AI-engineered cyberattack campaigns, but there is widespread speculation that will change.
“I personally don’t see any evidence of it yet. I’m sure it’ll happen but I can’t quite predict how they might use it in the future,” Mandiant Consulting CTO Charles Carmakal said earlier this year during a media briefing at the RSA Conference.
The No. 1 concern is that attackers are using AI for social engineering and to overcome language barriers, Mandiant Chief Analyst John Hultquist said during the media briefing.
For now, security leaders at many of the top cybersecurity and enterprise technology firms, including Google Cloud, insist or at least remain hopeful AI will give defenders an advantage over attackers.
In Gartner’s study, AI-assisted misinformation and escalating political polarization were new emerging risks respondents cited, which reflect growing concern and uncertainty about global elections and their potential impact on enterprise.
“While the upcoming U.S. election generates headlines over the candidates’ regulatory, trade and other proposals, organizations have difficulty considering the actual risk implications from the many scenarios that might unfold,” Zachary Ginsburg, senior director of research in Gartner’s Risk and Audit Practice, said in the report.