• Oris
    Oris
    Dawinium
  • AI-powered malicious attacks are now a top emerging risk, says study

    Concern about artificial intelligence (AI)-enhanced malicious attacks ascended to the top of the Gartner emerging risk rankings in the first quarter of 2024.

    “The prospect of malicious actions enabled by AI-assisted tools is concerning risk leaders worldwide,” said Gamika Takkar, director, research in the Gartner Risk & Audit Practice. “The relative ease of use and quality of AI-assisted tools, such as voice and image generation, increase the ability to carry out malicious attacks with wide-ranging consequences.”

    During the first quarter of this year, Gartner surveyed 345 senior enterprise risk executives to capture and benchmark their top 20 emerging risks and provide leaders a view of their causes and potential consequences.

    Risks related to AI captured the top two rankings in the 1Q24 survey (see Table 1) with AI-enhanced malicious attacks cited as the top emerging risk and AI-assisted misinformation also causing concern. Escalating political polarization, which entered the tracker for the first time in 4Q23, dropped from the second most cited concern to third place.

    Table 1: Top Five Most Commonly Cited Emerging Risks in Q1 2024
    [Image Alt Text for SEO]

    Source: Gartner (May 2024)

    One of the key drivers of AI-enabled attacks and misinformation is the rapidly expanding access to its capabilities. AI enhancement can provide malicious code, and facilitate phishing and social engineering, which enables better intrusion, increased credibility and more damaging attacks.

    “Its low cost and rapid growth also expose users to the technology who have little awareness on how to recognize when AI-enabled tools are providing valid vs. false or misrepresented information,” said Takkar.

    The potential impacts of AI-enhanced attacks and misinformation are far-reaching and consequential to reputation, productivity and the ability of organizations to respond. Increased breaches and disclosure requirements can erode trust in an organization and brand among clients, consumers and partners.

    “The speed and quality of AI-enhanced attacks and misinformation also hinder information security teams’ ability to respond and adapt to the new security landscape, further amplifying its vulnerabilities,” said Takkar.Gartner clients can read more in 1Q24 Emerging Risk Report. Nonclients can read: 1Q24 Emerging Risk Trends.

    AUTHOR

    Stuart O'Brien

    All stories by: Stuart O'Brien