How big is the AI threat to the cybersecurity of tech companies?

A cybersecurity icon projecting from a laptop screen.
(Image credit: Shutterstock / song_about_summer)

A recent survey of 400 Chief Information Security Officers from businesses in the UK and US found that 72% believe that AI solutions would lead to security breaches. Conversely, 80% said they intended to implement AI-tools to defend against AI. This is another reminder of both the promise and the threat of AI. On one hand, AI can be used to create unprecedented security arrangements and enable cybersecurity experts to go on the offensive against hackers. On the other hand, AI will lead to industrial scale automated attacks and incredible levels of sophistication. For tech companies caught in the middle of this war, the big questions are how worried should they be and what can they do to protect themselves?

First, let’s step back and look at the current state of play. According to data compiled by security firm Cobalt, cybercrime is predicted to cost the global economy $9.5 trillion in 2024. 75% of security professionals have observed an increase in cyberattacks over the past year and costs of these hacks are likely to rise by at least 15% each year. For businesses, the figures are also pretty grim - IBM reported that the average data breach in 2023 costs $4.45 million - a 15% rise since 2020. 

On the back of this, the cost of cybersecurity insurance has risen 50% and businesses now spend $215 billion on risk management products and services. Most at risk of attack are healthcare, finance and insurance organisations and their partners. The tech industry is particularly exposed to these challenges given the volume of sensitive data startups often deal with, their limited resources compared to large multinationals and a culture geared towards scaling quickly, often at the expense of IT infrastructure and procedures.

Sebastian Gierlinger

VP of Engineering, Storyblok.

The challenge of differentiating AI attacks

The most telling stat is from CFO magazine - it reported that 85% of cybersecurity professionals attribute the increase in cyberattacks in 2024 to the use of generative AI by bad actors. However, look a little closer and you find that there are no clear stats on which attacks these were and, therefore, what impact they actually had. This is because one of the most pressing issues we have is that it is incredibly hard to establish whether a cybersecurity incident was caused with the help of generative AI. It can automate the building of phishing emails, social engineering attacks or other types of malicious content. 

However, as it aims to mimic human content and responses, it can be very difficult for someone to differentiate it from human-built content. As a result, we don’t yet know the scale of generative AI-driven attacks or their effectiveness. If we cannot yet quantify the problem, it becomes difficult to know just how concerned we should be.

For startups, that means the best course of action is to focus on and mitigate threats more generally. All evidence suggests that existing cybersecurity measures and solutions underpinned by best practice data governance procedures are up to the task of the existing threat from AI.

The greater cybersecurity risk

With some irony, the biggest existential threat to organizations isn’t necessarily from AI being used in a diabolically brilliant way, it’s from their own very human employees using it carelessly or failing to follow existing security procedures. For example, employees sharing sensitive business information while using services such as ChatGPT risk that data being retrieved at a later date, and could lead to leaks of confidential data and subsequent hacks. Reducing this threat means having proper data protection systems in place and better education for generative AI users on the risks involved.

Education extends to helping employees understand the current capabilities of AI - particularly when countering phishing and social engineering attacks. Recently, a finance officer at a major company paid out $25 million to fraudsters after being tricked by a deep fake conference call mimicking the company’s CFO. So far, so scary. However, reading into the incident you find that this was not ultra-sophisticated from the perspective of AI - it was only one small step above a scam a few years ago that tricked the finance departments at scores of businesses (many of which were startups) to send money to fake client accounts by mimicking the email address of their CEO. In both instances, if basic security and compliance checks, or even common sense, had been followed, the scam would have quickly been uncovered. Teaching your employees how AI can be used to generate the voice or appearance of other people and how to spot these hacks is as important as having a robust security infrastructure.

Put simply, AI is a clear long-term threat to cybersecurity but, until we see greater sophistication, current security measures are sufficient if they are followed to the letter. Nevertheless, businesses need to continue to follow strict cybersecurity best practices, and keep reviewing their processes and educating their employees as the threat evolves. The cybersecurity industry is used to new threats and bad actor methods, that’s nothing new - but businesses cannot afford to use outdated security tech or procedures.

We list the best cloud antivirus.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Sebastian Gierlinger, VP of Engineering, Storyblok.

Read more
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Sounding the alarm on AI-powered cybersecurity threats in 2025
A padlock resting on a keyboard.
AI-powered cyber threats demand enhanced security awareness for SMEs and supply chains
An abstract image of digital security.
Identifying the evolving security threats to AI models
Avast cybersecurity
Rise of AI is causing many firms to worry about their cybersecurity
Cartoon Phishing
Hackers use GenAI to attack more frequently and effectively
An AI face in profile against a digital background.
The truth about GenAI security: your business can't afford to “wait and see”
Latest in Pro
Branch office chairs next to a TechRadar-branded badge that reads Big Savings.
This office chair deal wins the Amazon Spring Sale for me and it's so good I don't expect it to last
Saily eSIM by Nord Security
"Much more than just an eSIM service" - I spoke to the CEO of Saily about the future of travel and its impact on secure eSIM technology
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
FlexiSpot office furniture next to a TechRadar-branded badge that reads Big Savings.
Upgrade your home office for under $500 in the Amazon Spring Sale: My top picks and biggest savings
Beelink EQi 12 mini PC
I’ve never seen a PC with an Intel Core i3 CPU, 24GB RAM, 500GB SSD and two Gb LAN ports sell for so cheap
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Latest in News
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection