GARTNER'S analysts have highlighted four critical threats where attackers currently have the advantage: deepfakes, software supply chain risks, prompt injections, and AI application compromises. During the Gartner Security and Risk Management Summit, it was emphasized that enterprise defenses are ill-equipped to handle these emerging threats.
1. **Deepfakes**: 62% of organizations have experienced deepfake attacks, which exploit social engineering and bypass security systems. Increasing authentication measures and layered security are recommended to counter these threats.
2. **Software Supply Chain Risks**: The use of automated tools to compromise repositories and sensitive data remains a challenge, necessitating better security controls in code management and third-party software.
3. **Prompt Injections**: This threat has risen due to the growth of AI agents. Attackers can manipulate prompts, and the increase in these attacks is concerning as it complicates recovery options.
4. **AI Application Compromises**: The vulnerability in AI applications has surged, with a significant increase in disclosed CVEs indicating a rising attack surface. Organizations are encouraged to implement penetration testing to uncover potential weaknesses.
Overall, the experts urge enterprises to improve their security posture through robust controls and policies to effectively mitigate these risks.