Gartner has recently published its top predictions for IT organisations and users in 2025 and beyond. Notably, it predicted that by 2028, 25% of enterprise breaches will be traced back to Artificial Intelligence (AI) agent abuse, from both external and malicious internal actors.
Gartner suggests that AI substantially expands what is already a vast ‘invisible attack surface’ for enterprises. As AI continues to evolve and its capabilities become more accessible to the wider public, the threat of AI agent abuse rises, leading to enterprises being increasingly vulnerable. Consequently, Gartner suggests that organisations need to implement new controls and systems that prevent any potential AI-related enterprise breaches.
Abid Khan, Global Practice Head of Cyber Strategy and Resilience at HGS, believes that although AI abuse will be the source of many cyberbreaches, it also will be the best line of defence against them too: “Nevertheless, despite AI being tipped as a major catalyst for future enterprise breaches, it is also the solution. AI is leading the way for organisations to tackle this wave of cybercrime, becoming many industries’ greatest weapon in their data protection arsenals.
“AI can rapidly analyse huge volumes of data to identify unusual patterns that would previously go unnoticed by manual investigation. For example, in the banking industry, it creates predictive models that can forecast future spending for consumers. By doing this, the technology is capable of quickly identifying any unusual buying behaviour that occurs in the event of a person’s banking information being breached. It subsequently flags these suspicious activities, mitigating any potential damage.”