By 2026, security teams are expected to confront a notable rise in AI-driven cyberattacks, according to research from cybersecurity firm Hadrian. The study shows that a significant 99.5% of alerts handled by security personnel are false positives, with only 0.47% of issues being genuinely exploitable. This situation diverts organizations' focus towards managing tickets rather than conducting proactive threat remediation.
Nearly two-thirds of Chief Information Security Officers (CISOs) view AI-driven threats as their top concern for the coming year. The research also indicates that most verified exposures fall under medium or low severity, leading to alert fatigue and complicating the identification of critical threats. Only 3% of validated findings are classified as critical vulnerabilities, which struggle to gain attention amidst a flood of alerts.
Rogier Fischer, CEO of Hadrian, emphasized the necessity for a shift towards continuous, offensive cybersecurity strategies in the face of evolving tactics used by cybercriminals. These attackers utilize automation and AI-assisted methods to efficiently locate and exploit vulnerabilities, contrasting with traditional defenses that are slow and reliant on manual processes.