Twenty-nine percent of cybersecurity leaders said their organisations experienced an attack on enterprise GenAI application infrastructure in the last 12 months.
That’s according to a survey by Gartner conducted from March-May 2025 among 302 cybersecurity leaders in North America, EMEA and Asia/Pacific.
The survey found that 62% of organisations experienced a deepfake attack involving social engineering or exploiting automated processes, while 32% said they experienced an attack on AI applications that leveraged the application prompt in the last 12 months.
Chatbot assistants are vulnerable to a variety of adversarial prompting techniques, such as attackers generating prompts to manipulate large language models (LLMs) or multimodal models into generating biased or malicious output.
![[Image Alt Text for SEO]](https://emt.gartnerweb.com/ngw/globalassets/en/newsroom/images/graphs/generative-artificial-intelligence-on-attack-landscape.png)
Source: Gartner (September 2025)
During the Gartner Security & Risk Management Summit in London, Akif Khan, VP Analyst at Gartner said: “As adoption accelerates, attacks leveraging GenAI for phishing, deepfakes and social engineering have become mainstream, while other threats — such as attacks on GenAI application infrastructure and prompt-based manipulations — are emerging and gaining traction.”
While 67% of cybersecurity leaders said emerging GenAI risks demand significant changes to existing cybersecurity approaches, Gartner said a more balanced strategy is warranted. “Rather than making sweeping changes or isolated investments, organizations should strengthen core controls and implement targeted measures for each new risk category,” said Khan.
