A recent report from LevelBlue reveals that only 53% of Chief Information Security Officers, or CISOs, feel prepared to defend against AI-driven threats, despite 45% expecting such attacks to affect their organizations within the next year. The study highlights that while 60% of CISOs are confident in their cyber resilience skills, internal alignment on cybersecurity remains a challenge. Notably, only 45% believe that business risk appetite aligns effectively with cybersecurity risk management.
Global cyber attacks have surged in January 2026, with organizations facing an average of 2,090 attacks per week, a 3% increase from December and a 17% rise year-on-year, according to Check Point Research, the threat intelligence arm of Check Point Software Technologies. The rise is attributed to intensified ransomware activity and increased data exposure linked to the growing use of Generative AI tools. In January, one in every thirty GenAI prompts from corporate networks posed a significant risk of sensitive data exposure, affecting 93% of organizations using these tools. The education sector remains the most targeted, averaging 4,364 weekly attacks per institution, while ransomware incidents have also risen by 10% year-on-year, with North America accounting for 52% of all reported cases.
Google’s Threat Intelligence Group has reported a significant increase in attempts to extract and replicate its artificial intelligence models, warning that both state-backed and financially motivated attackers are leveraging generative AI for malicious activities. The report highlights a rise in “model extraction attempts,” which involve querying mature AI models to gather outputs for training competing models, thereby posing a risk primarily to developers and AI service providers. According to the report, more than 100,000 prompts linked to campaigns have attempted to coerce Google’s AI model, Gemini, into revealing its internal reasoning processes. The threats are not limited to model theft; they also encompass the use of AI in sophisticated phishing schemes, with state-sponsored actors from countries like North Korea, Iran, China, and Russia exploiting these technologies for targeted reconnaissance and social engineering.
Why do we care?
Here’s the structural break: AI-augmented attacks exploit the detection-and-attribution gap—and most MSPs are blind where it matters.
Business units are adopting GenAI without IT approval, which means risk decisions are happening outside your controls. Data is leaving through browser-based tools like ChatGPT and Claude, and if you’re not monitoring that web/SaaS layer, you don’t even know it happened.
And negligence isn’t “a breach occurred.” Negligence is a mismatch between what you sold and what you actually covered. If you imply “we prevent data loss,” but you can’t see or govern GenAI usage, your own positioning becomes the plaintiff’s exhibit.
The fix is boring and profitable: define GenAI coverage in the agreement, require an AI acceptable-use policy, and enforce a minimum baseline—identity controls, web/SSE policy, log retention, and incident-response readiness. Then instrument it so your SOC can answer fast: who used which tools, what data classes were exposed, and what controls were in place.
The market is splitting: providers building GenAI visibility plus behavioral detection for API abuse, versus providers buying “AI-powered security” that generates alerts without closing the visibility gap. This is permanent friction. AI makes attacks look normal—and if you can’t prove what happened, you can’t defend what you delivered.