Businesses boost AI in cybersecurity but fear rising new risks

Research from Trend Micro shows that global businesses are increasingly adopting artificial intelligence in their cybersecurity strategies, while at the same time expressing growing concerns about the potential risks the technology may introduce.

Widespread adoption

According to a recent survey of 2,250 IT and cyber decision makers across 21 countries, 81% of global businesses are already using AI-driven tools as part of their cybersecurity strategy. This figure is even higher in the UK, where 86% of businesses have incorporated AI. Nearly all respondents worldwide—97%—said they are open to using AI in some capacity, with more than half already employing it for critical functions such as automated asset discovery, risk prioritisation, and anomaly detection.

Rachel Jin, Chief Enterprise Platform Officer at Trend Micro, commented on the dual nature of AI's role in cybersecurity:

"AI holds enormous promise for strengthening cyber defences, from identifying anomalies faster to automating time-consuming tasks. But attackers are just as eager to leverage AI for their own purposes, and that creates a rapidly shifting threat landscape. Our research and real-world testing make it clear that security must be built into AI systems from the outset. There is simply too much at stake to treat this as an afterthought."

The survey underscores that AI and automation are considered top priorities for improving cybersecurity over the next 12 months by 42% of organisations surveyed. Companies see AI as a critical tool for staying ahead of threats and managing increasingly complex digital environments.

Security concerns mount

Despite the widespread enthusiasm for AI, an overwhelming 94% of global businesses believe that AI will negatively affect their cyber risk exposure within the next three to five years. In the UK, 66% of businesses surveyed are concerned that AI-driven attacks will increase significantly in both complexity and scale during this period.

UK organisations identified three primary security concerns related to AI: increased risk of AI-powered phishing or social engineering attacks (54%), exposure of sensitive data (41%) and the proliferation of shadow IT (38%). These risks underline the challenge facing companies as they integrate new AI technologies into their operations.

Pwn2Own Berlin spotlights vulnerabilities

The tension between AI's potential and its risks was highlighted during the recent Pwn2Own event in Berlin, where Trend Micro introduced an AI category for the first time. In total, twelve entries targeted four major AI frameworks, including the NVIDIA Triton Inference Server, which was the subject of the most attacks.

Other frameworks that were successfully exploited included Chroma, Redis, and the NVIDIA Container Toolkit. In some cases, attackers were able to fully compromise systems with a single bug. Seven unique zero-day vulnerabilities were uncovered across these AI frameworks. According to the established protocol, the vendors now have 90 days to address and patch these flaws before technical information about them is publicly released.

Focus on proactive security

As AI continues to be deeply integrated into enterprise IT environments, Trend Micro is urging security leaders to re-evaluate their risk landscapes. The organisation advocates embedding robust security measures across all phases of AI adoption, from design to deployment.

The findings are based on a survey conducted by Sapo Research, which spoke to IT and cybersecurity professionals globally, including 100 respondents in the UK. The results reflect a global consensus that while AI offers significant enhancements to cyber defences, it simultaneously introduces new and evolving security challenges.