Security teams within enterprises are ill-equipped to identify emerging, adaptable threats fueled by artificial intelligence. A study conducted by Lenovo, which involved surveying 600 IT leaders in key markets, reveals a widespread apprehension regarding both external and internal risks, coupled with a lack of faith in current defense mechanisms.

Over sixty percent of IT leaders acknowledge the increasing threat posed by cybercriminals leveraging AI. These AI-enhanced attacks have the capability to adjust strategies on-the-fly, mimic normal user actions, and function seamlessly across various platforms like cloud services, devices, and applications. Survey participants express uncertainty about their ability to counter these advanced techniques, which encompass polymorphic malware, deepfake social engineering, and AI-driven brute-force assaults.

The report highlights how AI is hastening the speed of cyberattacks. Adversaries can swiftly generate malicious code, modify tactics, and exploit systems at machine-like speeds. This acceleration narrows the detection and response timeframe, necessitating the development of updated monitoring and analysis methodologies.

The research also points out that internal AI implementation comes with its own set of challenges for organizations. A significant portion of IT leaders—seventy percent—view employee misuse of public AI tools as a grave concern. Additionally, over sixty percent consider AI agents as an insider threat that they are ill-prepared to tackle. Less than forty percent express confidence in managing these specific risks effectively.

Concerns extend to safeguarding AI models, training data, and commands within organizations. As companies integrate AI solutions, the potential for tampering or data manipulation poses risks such as loss of trust, reputational damage, or exposure of sensitive information.

Despite these challenges, leaders indicate a slightly higher level of confidence in securing internally developed AI compared to defending against external AI-driven attacks. However, their trust in current tools and procedures remains low. A majority believe that their existing data protection measures are inadequate in combatting AI-related threats. Areas such as vulnerability assessment, incident detection and response, as well as identity management are deemed insufficient by sixty to seventy percent of respondents for addressing threats in the era of AI.

These deficiencies underscore the inadequacies of traditional security approaches. Strategies like role-based data access controls or signature-based antivirus software fall short when faced with large-scale data analysis by AI systems or when malware evolves to evade detection. Security experts acknowledge the necessity for new tactics to counter AI adversaries effectively.

While many organizations are exploring the use of AI in cybersecurity efforts, scaling up these initiatives proves challenging due to three primary obstacles highlighted in the survey: complex IT environments, shortage of skilled personnel, and constrained budgets.

Most enterprises rely on a mix of outdated and modern systems, complicating the integration of AI-driven security tools. The lack of professionals proficient in both AI and cybersecurity further impedes progress.

Moreover, budget constraints deter some teams from replacing outdated tools even when their functionalities are obsolete.

The report offers practical recommendations for leaders including aggregating telemetry data from endpoints, applications, and cloud platforms to enhance visibility and reduce blind spots. It stresses the importance of establishing policies governing AI usage among employees and securing the AI development lifecycle against manipulation and data breaches.

Another crucial aspect is training staff to identify AI-enabled social engineering tactics like voice and video impersonation. Technologically speaking, integrating monitoring systems and adopting AI-powered analytics can aid defenders in keeping pace with rapidly evolving threats.

Rakshit Ghura, VP & GM at Lenovo Digital Workplace Solutions commented on the changing landscape brought about by AI in cybersecurity by stating that organizations need adaptive intelligence that can respond swiftly to threats. He emphasized the importance of combating AI threats with sophisticated defense mechanisms that leverage artificial intelligence capabilities. By implementing intelligent defense strategies, IT leaders can safeguard their personnel, assets, and data while harnessing the transformative potential of AI to propel business growth forward.