CYBER THREAT ALLIANCE publishes 2025 Cybersecurity in the Age of Generative AI

WASHINGTON January 14^th, 2025 – The Cyber Threat Alliance (CTA) today announced the publication of its Cybersecurity in the Age of Generative AI Joint Analytic Report (JAR).  This report is broken into two parts. Part I, Combating GenAI Assisted Cyber Threats, addresses the use of GenAI tools for malicious purposes. Part II, Navigating Cyber Threats to GenAI Systems, examines cyber threats to these tools.

The rise of GenAI represents both opportunities and challenges in cybersecurity, empowering the community to leverage AI for innovation, efficiency, and enhanced defenses, while also enabling malicious actors to exploit the technology for a new dimension of AI-assisted threats. While GenAI lowers barriers to entry for adversaries and makes them more efficient, the foundational principles of cybersecurity remain integral to combating these threats effectively. 

This JAR leverages the collective expertise of the CTA community to demystify the GenAI landscape, moving beyond the hype and providing evidence-based use cases. Through extensive collaboration, CTA members are actively addressing this critical topic across many collaborative efforts.

This report underscores that proactive measures, coupled with established best practices, are essential to mitigate the risks posed by AI-driven threats. Organizations must align their policies and practices to address the unique vulnerabilities associated with GenAI and can adopt a holistic approach that integrates technology, policy, and education.

“Many new technologies experience a hype cycle, but the one for Generative AI seems to have scaled new heights,” says Michael Daniel, President and CEO of the Cyber Threat Alliance. “These predictions have included what GenAI could enable malicious cyber actors to do, most of which could be called ‘breathlessly apocalyptic.’  Of course, the reality is somewhat more pedestrian and, not surprisingly, GenAI’s impact on cybersecurity has not matched the hype. That said, malicious actors are adopting GenAI tools in ways that are affecting the cybersecurity landscape. As a result, we thought it important to combine the insights from across our diverse members and partners to look at how our adversaries are actually using these tools in the wild and to provide recommended mitigations given this usage.  The flatter than projected adoption curve gives defenders more time to prepare, but we can’t afford to squander it.”

Key takeaways include:
🔹 GenAI is lowering barriers to entry, facilitating a greater volume of threats as malicious actors apply GenAI through various mediums as text, image, audio, & video, however GenAI has yet to bring more sophistication to threat activity, at this time
🔹 Common myths debunked: AI isn’t making adversaries “smarter,” but more efficient
🔹 Actionable guidance for organizations to integrate AI-specific defenses into their cybersecurity strategies

GenAI is reshaping the threat landscape, but we still have time to prepare. This report and supplement equip organizations with the knowledge they need to proactively address evolving challenges.

Part II of the JAR addresses the emerging problem of securing AI systems against malicious activity. Many actors want to target these systems, but the best practices for addressing these threats are still developing. This section highlights some of the key threats to AI systems and outlines steps that organizations can take to mitigate them. As the reports makes clear, the cybersecurity industry still has a long way to go in understanding cyber threats to AI systems and urgently needs to develop better technologies, processes, and procedures to protect these valuable assets.

About the Cyber Threat Alliance (CTA)

CTA was founded by Check Point Software Technologies Ltd., Cisco, Fortinet, McAfee, Palo Alto Networks, and Symantec, Enterprise Division of Broadcom. Membership also includes CUJO AI, CyberCX, Gen, Hitachi Systems, Juniper Networks, K7 Computing, Level Blue, Maltiverse, Minsait, NEC Corporation, Nozomi Networks, NTT, OneFirewall, Outpost 24, Panda Security (WatchGuard), Penta Security, Rapid7, Red Piranha, ReversingLabs, SANDS Lab, Scitum, SecurityScorecard, SK shieldus, SOCRadar, SonicWall, Sophos, TEHTRIS, Telefónica Tech, and Tinexta Cyber.

CTA is the first formally organized nonprofit group of cybersecurity practitioners that work together in good faith to share threat information and improve global defenses against advanced cyber adversaries. CTA’s mission is to facilitate the sharing of actionable intelligence and situational awareness about sophisticated cyber threats to improve its members’ cyber defenses, more effectively disrupt malicious cyber actors around the world and raise the level of cybersecurity throughout the Internet and cyberspace. The alliance is continuing to grow on a global basis, enriching both the quantity and quality of the information that is being shared across the platform. CTA is actively recruiting additional regional players to enhance information sharing to enable a more secure future for all.