A recent survey by Gartner, a research and consulting firm, found that artificial intelligence (AI)-enhanced malicious attacks remained the top emerging risk for enterprises in the third quarter of 2024, marking the third consecutive quarter that these attacks have held this position.
According to Gartner, this ongoing trend highlights the increasing concerns among business leaders over potential AI-driven threats to enterprise security.
The survey, which polled 286 senior risk and assurance executives, also revealed other significant emerging risks. Gartner’s findings pointed to two new areas of concern: the criticality of IT vendors and the unpredictable regulatory landscape influenced by political events.
“While the upcoming US election generates headlines over the candidates’ regulatory, trade, and other proposals, organizations have difficulty considering the actual risk implications from the many scenarios that might unfold,” Zachary Ginsburg, senior director, Research in Gartner’s Risk & Audit Practice, said in a media release. “Amplifying this uncertainty are recent US Supreme Court decisions on federal agencies’ authority to set and enforce regulations.”
Risk of reliance on single vendor
Another factor contributing to the high-risk profile for organizations is their dependency on major IT vendors. Gartner noted a recent CrowdStrike outage in July, which underscored the potential vulnerabilities for companies heavily reliant on large-scale technology vendors.
“Customers with a concentration of services with one vendor may face elevated risk in the event of outages,” said Ginsburg. “They may also encounter unexpected changes in services due to new regulations or legal decisions in the EU, US, or elsewhere.”
Emerging risks cited in the survey largely fall under technology and political uncertainties. Alongside AI-enhanced cyberattacks, the regulatory unpredictability driven by global election outcomes remains a top concern for executives, who face difficulties in forecasting potential outcomes in this fast-evolving environment. Organizations are encouraged to use scenario planning to better manage these risks.
“Political and legal events may have complex risk implications, but events that are contingent on a defined set of outcomes, like an election, are good candidates for scenario planning,” added Ginsburg.
As businesses adapt to a complex risk environment, Gartner’s report highlights the importance of proactive strategies for risk management in an era of rapid technological advancement and regulatory change.