Nearly one in four cybersecurity leaders say their companies faced attacks powered by artificial intelligence in the past year, a new survey shows. The findings highlight the rising threat AI poses to digital security as companies struggle to keep up with new risks while hoping AI can also boost their defenses.
The survey, conducted by Team8, a Tel Aviv-based venture fund, gathered insights from about 110 chief information security officers (CISOs). These security heads expressed concern about AI being used for harmful tactics like sophisticated phishing schemes and convincing deepfake campaigns that are hard to spot. Mandy Andress, CISO at tech firm Elastic, described the situation as an “AI arms race,” with attackers currently holding the upper hand.
Among the most alarming threats are deepfakes, voice cloning, and live impersonations that exploit human trust. Beyond that, AI helps hackers move faster and attack more broadly. Team8 warned these threats could soon become fully automated, with AI-powered attacks running without human control.
Noa Hen, Team8’s strategy director, pointed out that AI can quickly write malware and identify weaknesses on a massive scale. Many CISOs are also worried about securing AI tools within their own organizations. Nearly 40% of those surveyed find it difficult to protect AI agents tasked with handling user requests, as these can be tricked or make mistakes. Similarly, concerns loom over employees’ AI use, with few companies managing it well. CISOs face a choice: either limit AI use and slow innovation or allow it freely and accept the risks.
AI isn’t just a threat—it can also help defenders. About 77% of CISOs believe that in the near future, autonomous AI agents will take over routine tasks from less experienced security analysts. Mike Rogers, a former NSA and US Cyber Command leader and now with Team8, said AI speeds things up for both attackers and defenders.
The survey also revealed ongoing struggles with basic cybersecurity challenges. Over 40% of respondents said critical system vulnerabilities remain unpatched past their deadlines. The reasons include limited staff, lack of time, unavailable patches, or concerns about disrupting business operations.
On the tools front, around 60% of companies prefer “best-of-breed” security products from different vendors instead of all-in-one platforms. This marks a shift after years of efforts to simplify by buying bundled solutions, as many CISOs now feel broader platforms sacrifice quality for convenience.
Overall, the survey paints a picture of a cybersecurity world caught between the promise and peril of AI. While the technology brings new dangers, it also offers new ways to fight back. The job of protecting companies is becoming tougher and more urgent as AI-powered attacks rise and organizations try to keep pace.