A new report has found that nearly 40% of security leaders believe their organizations are least prepared for phishing and other social engineering attacks, Help Net Security reports.
According to the report from VikingCloud, these concerns are driven by the increasing use of AI tools to assist in cyberattacks.
“Generative or agentic AI-driven phishing attacks (51%) are leadership teams’ top concern when it comes to new cyberattack techniques,” the report says. “Last year, only 22% of respondents said that their leadership teams were concerned about generative AI phishing attacks.
“This suggests that more leadership teams recognize the perils of AI-driven attack methods, especially as agentic AI becomes more ubiquitous and makes bad actors even more dangerous, efficient, and relentless than generative AI alone. Generative AI model prompt hacking (45%) and AI-vishing (voice deepfake) attacks (43%) are the other two most concerning modern threats.”
The report adds, “Cybersecurity leaders say their top 3 challenges are that (1) AI is creating new attack points (53%), (2) the tech behind cyberattacks is more sophisticated than the tech their teams have access to (36%), and (3) modern cybercriminals are more advanced than their internal teams (36%).”
In addition to lowering the bar for unskilled threat actors, nation-state hackers are also using AI to assist in their attacks.
“These hackers typically focus on long-term access, IP theft, and espionage, and they typically infiltrate by exploiting third-party software vulnerabilities,” the report says. “Many are leveraging AI to scale their attacks. Most businesses’ standard security practices and tools aren’t built to detect or defend against these advanced threats.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 HRM+ platform to strengthen their security culture and reduce human risk.
Help Net Security has the story.
