Phishing attacks and deepfake-enhanced fraud have emerged as the most significant AI-powered threats facing organizations, according to a new survey of Chief Information Security Officers (CISOs). The 2024 CISO Village Survey Report from Team8 reveals that 75% of respondents identified phishing attacks as their biggest concern, while 56% flagged deepfake-enhanced fraud via voice or video as a growing threat.
These AI-powered risks are prompting organizations to increase their cybersecurity budgets. Seventy percent of the CISOs surveyed said their security spending has risen in 2024 compared to 2023, reflecting a broader industry trend. A Gartner report projects global security and risk management spending will reach $215 billion in 2024, marking a 14.3% increase from the previous year.
In addition to identifying specific AI threats, the survey highlighted key challenges organizations face in defending their systems. 58% of CISOs cited a lack of AI expertise as a critical issue, while many also struggle with balancing security and usability.
Ross Young, CISO in Residence at Team8, commented on the evolving responsibilities of security leaders, noting that "the latest SEC rulings and rising liability pressures have pushed CISOs into new and complex territory, intensifying both the legal and emotional challenges they must navigate."
The increasing complexity of cybersecurity and AI threats is taking a toll on security executives. 54% of CISOs reported that their well-being has been impacted by liability concerns, with 32% actively taking steps to mitigate personal legal risks by seeking legal counsel, purchasing additional insurance, or adjusting their contracts. The growing legal responsibilities CISOs face are reshaping the role, with implications for both personal well-being and organizational security.
As organizations grapple with evolving threats, CISOs are exploring new solutions to safeguard their AI systems. 41% of respondents expect to invest in managing the AI development lifecycle within the next two years, and many are prioritizing tools for third-party AI data privacy (36%) and shadow AI detection (33%).
Amir Zilberstein, managing partner at Team8 and co-founder of Claroty, emphasized the importance of balancing emerging AI threats with ongoing security challenges such as identity management and third-party risk. “Balancing these emerging threats with ongoing issues like identity and third-party risk management will be a critical challenge in the coming years,” he said.
The survey also revealed several critical data security concerns that CISOs believe currently lack adequate solutions. These include insider threats and next-gen Data Loss Prevention (65%), third-party risk management (46%), AI application security (43%), and human identity management (40%).
As AI technologies continue to transform the threat landscape, the results from Team8’s survey underscore the growing need for advanced solutions and increased investment in cybersecurity. CISOs will play a vital role in safeguarding their organizations against the complex risks posed by AI-powered attacks in the years to come.
