Rethinking Resilience for the Age of AI-Driven Cybercrime

Opinion

Written by

Photo of Dan Lohrmann

Dan Lohrmann

Field CISO, Presidio

AI isn’t just changing the paradigm of cybercrime—it’s creating a new, larger attack surface with no rules. Just as culture eats strategy for breakfast, generative AI is swallowing up automated phishing campaigns, deepfake fraud, malware creation and much more at an unprecedented scale—fueling a new era of cyber-attacks.  

In 2024 alone, credential phishing attacks rose by 703%, largely due to AI-powered social engineering campaigns. Browser-based phishing attacks surged 140%, and AI-generated phishing emails now match the effectiveness of those crafted by human experts, boasting a 54% click-through rate—350% higher than traditional attempts.

With global cybercrime costs projected to hit $12 trillion annually by year-end, organizations can no longer rely on outdated defense models. The next era of cyber resilience demands a proactive mindset that fuses AI-powered defense, identity-first security and operational agility. 

The Growing Danger of AI-Powered Threats

The sophistication of AI-driven cyberattacks makes them increasingly difficult to detect and counter. Traditional red flags, such as typos or bad grammar in phishing emails, are disappearing. In addition, this cyber-attack sophistication can target international businesses and governments in over 100 languages with a high degree of local specificity.

AI-generated phishing content is polished, contextually relevant, and highly deceptive. Deepfakes and synthetic identities can now bypass standard identity verification, with 46% of financial institutions reporting deepfake-related fraud in 2024.

These tactics extend beyond inboxes. AI voice-cloning scams are also accelerating, with reports showing that four out of six AI voice-cloning companies lack safeguards to prevent misuse. These tools can accurately mimic a person’s voice, enabling highly convincing fraud and impersonation.

Alongside phishing and impersonation, AI is amplifying cyber threats in several ways:

  • Automated reconnaissance: AI-powered tools can analyze public and private data at scale, identifying vulnerabilities faster than human threat actors ever could.
  • Zero-day phishing attacks: These AI-driven attacks target newly discovered, unpatched vulnerabilities, which have jumped 130% over the past year, reducing defenders' reaction time to near zero.
  • Malware customization: AI accelerates malware development, making threats more adaptive and evasive.
  • Brute-force attacks: According to Harvard Business Review, AI-driven password attacks can test billions of combinations in seconds, reducing the cost and time of cybercrime by 95%.  

With attackers leveraging AI to outpace traditional security measures, organizations need a proactive strategy that integrates AI-driven defenses at the core of their cybersecurity frameworks.

Identity and Access Management (IAM) as the New Front Line

Securing identity and access is one of the most critical defenses against AI-driven threats. Static passwords and legacy IAM systems are ineffective against modern attack vectors. In 2023, fraud-related consumer losses surged to $10 billion and climbed further to 12.5 billion in 2024, with identity theft and impersonation among the top contributors, according to the Federal Trade Commission (FTC).

A modern IAM framework should include the following:

  • Passwordless authentication to eliminate reliance on vulnerable credentials.
  • Adaptive multi-factor authentication (MFA) adjusts security measures based on risk context.
  • Behavioral analytics for real-time anomaly detection.
  • Role-based access controls (RBAC) & dynamic policy enforcement to ensure users have only the minimum necessary access.

When IAM solutions integrate with AI-powered security tools, organizations gain better visibility into authentication risks and potential threats, reinforcing a strong foundation for cyber resilience.

The Double-Edged Sword of GenAI

While AI is a formidable tool for cybercriminals, it also presents significant opportunities for defenders. In 2024, 70% of CISOs increased cybersecurity budgets, prioritizing AI-enhanced detection and response systems. Similarly, Presidio’s 2024 AI Readiness Report found that 69% of CIOs are actively deploying AI-powered security solutions.

AI can enhance security by:

  • Automating threat detection in vast security logs.
  • Simulating attack scenarios to strengthen incident response playbooks.
  • Reducing attack surfaces by identifying and eliminating dormant accounts and misconfigured access rights.

However, responsible AI adoption is critical. Without proper governance, AI models can introduce risks like hallucinations, bias, privacy vulnerabilities, and model drift, which could undermine cybersecurity efforts rather than strengthen them. Organizations must establish robust AI governance frameworks that ensure transparency, accuracy, and compliance with regulatory standards. This includes implementing strict data governance measures, AI model validation processes, and privacy-centric AI design to mitigate unintended consequences and prevent AI-driven threats from being weaponized against organizations.

Overcoming Institutional Barriers to AI-Driven Security

Even as AI-driven security tools become more sophisticated, many organizations face significant challenges in effectively adopting them. Cultural inertia, legacy systems and resource constraints slow modernization efforts.

According to Check Point, cyber-attacks on US utilities jumped 70% in 2024, with outdated systems and poor visibility cited as major risk factors. Many organizations still rely on:

  • Homegrown applications with outdated authentication logic.
  • Commercial security tools that lack adequate protections for high-risk environments.

A high-profile example is the US Defense Administration’s use of Signal during military operations in Yemen. An accidental group chat inclusion exposed sensitive intelligence, highlighting the risks of using consumer-grade applications for mission-critical operations. While Signal is encrypted, its lack of enterprise controls demonstrates why organizations must adopt security tools designed for high-stakes environments.

To overcome these barriers, organizations must:

  • Align IT, security, procurement and compliance teams to modernize infrastructure
  • Implement governance frameworks to ensure responsible AI adoption
  • Provide continuous cybersecurity training tailored to evolving AI-driven threats

Successfully addressing these challenges lays the groundwork for a stronger security posture, but cyber resilience requires more than just overcoming institutional hurdles. Organizations must also take proactive steps to integrate AI-driven security measures, streamline defenses and embed cybersecurity awareness at every level of operations.

5 Practical Steps Toward AI-Ready Cyber Resilience

Building AI-driven cyber resilience requires a holistic, proactive approach. Organizations should focus on five key areas:

  • Strengthen identity security: Centralize IAM, integrate adaptive MFA, and deploy real-time behavioral monitoring. Implement biometric authentication methods such as facial recognition, fingerprint scanning and behavioral biometrics (e.g., keystroke dynamics and login behavior) to enhance authentication security.
  • Enhance visibility with AI: Leverage AI-powered security analytics to detect anomalies and automate response playbooks.
  • Unify and streamline security tools: Reduce security tool sprawl by integrating IAM, SIEM, and endpoint detection systems for centralized threat defense
  • Adopt a zero-trust security model: Enforce least-privilege access, continuous verification and dynamic policy enforcement to minimize the impact of breaches.
  • Foster a security-first culture: Conduct AI-specific cybersecurity training, phishing simulations and incident response exercises to build awareness and resilience.

By implementing these steps, organizations can shift from reactive security postures to proactive, AI-driven defense strategies.

Preparing for What’s Next

The velocity of AI-driven threats makes cyber resilience foundational, not optional. According to Statista 2024 forecasts, global cybercrime costs were estimated at $8.15 trillion in 2023, expected to rise to $11.45 trillion in 2026, and projected to reach $13.82 trillion by 2027.

Organizations that modernize identity security, adopt AI-driven defenses and build an adaptive security culture position themselves to best defend against emerging threats. Cyber resilience doesn’t require perfection—it demands readiness, rapid response and trust in the organization’s ability to act.

Over the past decade, there have been numerous wake-up calls on cybersecurity after major data breaches, supply chain failures, critical infrastructure outages and more. But now, cyber pros face a much more profound paradigm shift.

Just as the global move from horse and buggy to automobiles required new roads, gas stations and many other infrastructure advances to speed travel, the future of cyber resilience requires a new way of thinking about AI-powered cyberattacks—and how we will defend our vital data and critical infrastructures into the 2030s.

So don’t get stuck just focusing on how to feed your current cyber horses.

You may also like

  1. Crafting Scams with AI: a Devastating New Vector

    Blog

  2. Phishing Click Rates Triple in 2024

    News

  3. Only 3% of Businesses Resilient Against Modern Cyber Threats

    News

  4. Dropbox Used to Steal Credentials and Bypass MFA in Novel Phishing Campaign

    News

  5. AI Set to Supercharge Ransomware Threat, Says NCSC

    News

What’s hot on Infosecurity Magazine?