CYE: 2025 Chief Information Security Officer (CISO) Guide: Identifying and Responding to Generative AI-Driven Threats (English edition, 15 pages)
The CISO's Guide to Uncovering & Mitigating GenAI-Driven Threats
September 2025 eBook

Table of Contents
Introduction: The Urgency of AI Risk
Case in Point: $25M Lost to Deepfake
4 Most Common AI Exposures to Note
Why AI Threats Stay Hidden
What Security Leaders Can Do Right Now
Mitigate AI Threats Without Reinventing Your Security Strategy

Introduction: The Urgency of AI Risk

The rise of GenAI has introduced new technologies, new possibilities, and new exposures. From LLM-powered chatbots to machine learning models built into core systems, AI adoption is accelerating across every industry. The problem is that most organizations are moving faster than their security controls. That is why AI risk is so urgent.

In fact, organizations are increasingly seeing a new attack surface arising from the adoption of AI for coding, research, content creation, shadow apps, support agents, and so much more. One thing is certain: it is rapidly evolving on a continuous basis, mostly in an ungoverned way.

One of the most overlooked risks is the everyday use of public GenAI tools like ChatGPT or Gemini. Employees may unknowingly paste proprietary code, internal documents, or even sensitive credentials into public LLMs that store and process this data. Without proper policies, organizations may be exposing intellectual property or confidential assets without realizing it.

Leading providers offer enterprise-grade LLM options that don't store prompts or responses, but most companies haven't yet made the shift. In fact, as of Q4 2024, only 20%–25% of organizations have adopted private or customized LLMs, according to Deloitte. That leaves the vast majority still relying on public tools.

This guide explores four GenAI/LLM threats. The first two threats exploit social engineering tactics, while the other two are brand new made possi