AI-powered attacks: What CISOs need to know now

Artificial intelligence (AI), particularly generative AI (GenAI), has deeply impacted IT, enabling both easy content creation and complex data analysis.

As with any tool, GenAI can help or harm, and today's chief information security officers (CISOs) must recognize and embrace that duality. For example, GenAI aids a CISO in writing a report on operations, but attackers use GenAI to craft sophisticated business email compromise scams or phishing attacks.

AI-powered attacks are cyber attacks that use AI technologies to automate, enhance and personalize malicious activities at scale, making them far more dangerous than traditional attacks.

Since ChatGPT's debut in 2022, the volume and sophistication of AI-powered attacks have increased. AI makes phishing attacks more potent and is impacting ransomware. According to research released by Google in January 2025, state-sponsored threat actors now actively use AI. The FBI, too, warned of increased AI use by cyber criminals.