Dear CIO,

AI is rapidly integrating into every corner of the enterprise, and the 2025 Verizon Data Breach Investigations Report (DBIR) provides a timely, sober look at how generative AI is already reshaping the threat landscape. While not as granular as dedicated GenAI threat research, the DBIR captures critical trends that every CIO and security leader must understand. It also issues a blunt reminder: many of the most urgent challenges aren’t flashy deepfakes or rogue AIs, but rather the erosion of long-standing security principles like data minimization and least-privilege access, sacrificed in a renewed race to hoard information for future AI ambitions. The time for CIOs to engage directly and decisively is now.

Best Regards,
John, Your Enterprise AI Advisor

What the Latest Verizon DBIR Says About AI

Deep Dive Into The 2025 Verizon Data Breach Investigations Report

While dedicated reports and vendor‐specific threat intelligence studies offer deep dives into GenAI abuse, the 2025 Verizon Data Breach Investigations Report (DBIR) provides a concise, enterprise‐focused snapshot of how AI is already shaping the threat landscape. It isn’t as exhaustive as specialized GenAI research, but it lays a solid foundation for understanding key risks and emerging trends.

1. Generative AI in Attackers’ Hands

• State‐sponsored experimentation: Both OpenAI and Google have publicly confirmed that nation‐state actors use GenAI to craft influence operations, more convincing phishing lures, and even malicious code scaffolding.

• Measurable increase in AI‐generated phishing: Telemetry from an email‐security partner shows the share of malicious emails containing synthetic text has roughly doubled over the past two years (from ~5 % to ~10 %).

2. Insider Risk & Data Leakage into LLMs

• Frequent GenAI access: 15% of employees accessed GenAI platforms on corporate devices at least once every 15 days.

• Policy‐violating logins: Of those users, 72% signed in with personal/non‐corporate accounts and 17% with corporate credentials without SSO/SAML protection—strong indicators of unsanctioned uploads of sensitive IP and client data into public LLMs.

3. A New “Always-On” Attack Surface

• As GenAI features (voice assistants, on-device models) become embedded by default in mobile OSes and business apps, potential leakage vectors—voice logs, keystroke captures, and camera feeds—multiply, often beyond IT’s visibility or users’ awareness.

4. The “Banal” but Pervasive Threat

• Beyond flashy deepfakes or AI‐powered social engineering, the DBIR warns that the most common AI‐related risk remains employees uploading confidential documents and codebases for quick summaries or code snippets, undermining data-minimization and least-privilege controls.

Limitations & Next Steps

The DBIR’s AI coverage offers valuable, cross-industry insights, but lacks the granularity of platform-specific GenAI threat analyses (e.g., deepfakes, model poisoning, specialized malware generation). Organizations seeking a deeper technical playbook should pair these findings with vendor threat reports and open-source GenAI-abuse research. Nevertheless, as a starting point, the DBIR highlights key action areas—phishing, insider data leakage, and mobile AI risks—that every security team should address today.

Bottom Line:
GenAI hasn’t yet upended the world; it amplifies classic threats (phishing, credential abuse, code-injection) and creates fresh blind spots around data leakage and “always-listening” AI features. Tackling these four domains will fortify your defenses as AI continues its rapid integration into enterprise systems.

You can take a look at the 2025 Verizon DBIR Here.

• Kevin Poireault dives into the Verizon’s 2025 Data Breach Investigations Report showing how the use of vulnerability exploitation as an initial access method for cyber incidents has surged.

• Becky Bracken writes on how misconfigured Kubernetes permissions are exposing cloud environments to privilege escalation attacks.

• Ionut Arghire covers security researcher Sharon Brizinov uncovering hundreds of leaked secrets hidden in deleted files from public GitHub repositories.

• Dave Mangot shares slides from a recent presentation on why your architecture might be disrupting your coding assistant.

• In this video, Bruno Passos of Booking.com shares how their Developer Experience team used GenAI tools to dramatically boost developer productivity.

• Ray Myers shares a potential talk abstract on exploring the challenges AI coding agents face with real-world legacy systems.

• Aimee Chanthadavong shares how AI is making the cybersecurity skills crisis worse.

• Matt Marshall writes on how Google has become the leader in enterprise AI.

• Christopher Whyte explains that as AI cybersecurity systems increasingly rewrite and adapt themselves, they introduce new risks of internal unpredictability.

• The Artificially Intelligent Enterprise goes over how to get better LLM results with your data.

• AI Tangle covers Adobe’s next Firefly model, OpenAI’s interest in purchasing Chrome, and more.