Unseen Threats: The Rapid Evolution of Shadow AI in SOCs

Cybersecurity is facing a significant transformation with the rise of deepfakes, ungoverned AI agents, and the proliferation of machine identities. The ever-evolving threat landscape is challenging security leaders to adapt quickly to defend against attacks that were unimaginable just a year and a half ago.

The CFO of a company receives a call at 3 a.m. from what sounds like the CEO authorizing a $1 million transfer. However, it turns out to be a deepfake, and the money disappears. This scenario is not uncommon in today’s business world, where deepfake attacks are projected to cost organizations $40 billion by 2027.

The integration of gen AI into identity systems has created new attack vectors that organizations are still trying to understand. AI agents with broad permissions, machine identities multiplying exponentially, and shadow AI systems creating unauthorized accounts are all posing significant challenges to cybersecurity.

Statistics show that deepfake incidents have surged by 3,000% in recent years, with contact centers experiencing a 700% increase in voice-based attacks. OpenAI has even incorporated deepfake detection capabilities into its security documentation, highlighting the scale of the threat.

Experts in the field, such as George Kurtz, CEO of CrowdStrike, emphasize the importance of AI-powered defenses against AI-powered attacks. The need for real-time, automated identity security that covers human, machine, and AI entities is crucial in today’s fast-paced threat landscape.

Machine identities are also a growing concern, with organizations managing 45 times more machine identities than human ones. The exponential growth of machine identities is outpacing traditional IAM architectures, leaving critical gaps in security.

Shadow AI, unauthorized AI apps processing corporate data without oversight, is costing enterprises millions in breaches. It is essential for organizations to create governance frameworks to address the risks associated with shadow AI and ensure compliance and risk reviews are conducted for all AI applications.

Security leaders must prepare for deepfakes as existential threats, invest in identity visibility, govern AI agents effectively, and accept that traditional security models are becoming obsolete in the face of machine-speed threats. The evolution of identity security through gen AI represents a critical turning point in cybersecurity, and organizations must act strategically to counter these emerging threats.

The race between AI-powered attacks and AI-powered defenses will define the next decade of cybersecurity. Security leaders have the resources to combat deepfakes, ungoverned AI agents, and exploding machine identities, but the time to act strategically is now to ensure survival in the ever-changing threat landscape.