Enterprise security teams are facing a new challenge in the form of AI-enabled attacks. The threat landscape has evolved, with AI agents being used by attackers to exploit vulnerabilities at runtime. As AI technology becomes more prevalent, attackers are able to move quickly, with breakout times as fast as 51 seconds, according to CrowdStrike’s 2025 Global Threat Report. This speed gives security teams little time to respond, especially since 79% of detections are now malware-free, making them harder to detect using traditional endpoint defenses.
Mike Riemer, a field CISO at Ivanti, highlights the speed at which threat actors are reverse-engineering patches, giving enterprises a mere 72-hour window to patch before they are vulnerable to exploitation. This rapid pace is made possible by the use of AI, which enhances the speed and efficiency of attacks. However, most enterprises struggle to keep up with manual patching processes, often taking weeks or even months to implement necessary updates.
Traditional security measures are failing to protect against these new AI-enabled threats at runtime. While security teams have become adept at blocking known attacks like SQL injections, they are ill-equipped to handle attacks that are semantic rather than syntactic in nature. Gartner’s research indicates that businesses are willing to embrace generative AI technologies, even if it means compromising on security measures. This shift opens the door for attackers to exploit vulnerabilities using sophisticated AI techniques that can bypass traditional security controls.
To address these evolving threats, security leaders and AI builders must understand and implement defensive measures against eleven attack vectors that bypass traditional security controls. These include direct prompt injection, camouflage attacks, multi-turn crescendo attacks, indirect prompt injection, obfuscation attacks, model extraction, resource exhaustion attacks, synthetic identity fraud, deepfake-enabled fraud, data exfiltration via negligent insiders, and hallucination exploitation. Each of these vectors requires a unique defense strategy that combines intent classification, context-aware analysis, stateful context tracking, and behavioral fingerprinting, among other techniques.
As Gartner predicts that 25% of enterprise breaches will be attributed to AI agent abuse by 2028, CISOs must prioritize deploying defenses against these new threats. Automation of patch deployment, deployment of normalization layers, implementation of stateful context tracking, enforcement of RAG instruction hierarchy, and propagation of identity into prompts are identified as key deployment priorities. By adopting a zero-trust operational principle and focusing on securing the application layer, enterprises can mitigate the risks posed by AI-enabled attacks.
In conclusion, the rapid evolution of AI technology has transformed the cybersecurity landscape, posing new challenges for enterprise security teams. By understanding the nature of AI-enabled attacks and implementing proactive defense measures, CISOs can secure their organizations against the growing threat of AI-enabled attacks.
