iscover AI uptake ramping up cyber threats for businesses, BDO says
TechnologySmall businesses take over a week to recover from cyber attacks, and AI tools are ramping up firms’ exposure to threats, a white paper has revealed.
A new International Data Corporation (IDC) white paper commissioned by BDO revealed that the average organisation takes over a week to recover from cyber incidents, costing organisations time, money and customer trust.
BDO cyber security leader Leon Fouche said that while organisations poured resources into AI, many still “bolted on” cyber security solutions instead of properly embedding them into their culture and systems.
“Budgets are no longer the primary barrier. The real issue is that security is too often treated as an afterthought,” he said.
“If you wait until execution or, worse, until after an incident, you’ve already lost valuable ground. Cyber security has to move upstream and be embedded from the very start of transformation.”
IDC’s white paper found that the average organisation took over four days to respond to a cyber incident, and over seven to recover.
Growing uptake of new technologies, especially generative AI, was exposing businesses to increasing cyber threats, Fouche said.
“GenAI is an extraordinary tool for innovation, but it’s also a gift to adversaries,” he warned.
“Without strong oversight, training, and access controls, businesses risk exposing sensitive data and amplifying social engineering attacks. The need to act has never been more urgent.”
AI has also revolutionised the way that cyber criminals work and boosted fraud risks, Niek Dekker, VP of marketing at payment fraud prevention firm Eftsure, told Accountants Daily's sister brand, Accounting Times, earlier this year.
“Where the criminals are using [AI], they are speeding up their way of execution and making it way more sophisticated as well, so their attacks will be way faster, more automated. There's less risk and more reward for those people, so there's more incentive for other people to get involved in it,” he said.
“We reckon there will be more attacks and more sophisticated attacks, so it will become harder for accountants to navigate that.”
As cyber threats ramp up, Fouche said organisations that embedded cyber security into their core business strategy would fare better than those that saw it as a box-ticking exercise.
“Organisations that build cyber maturity into their culture and governance, supported by real-time detection and proactive risk management, will be the ones who thrive,” he said.
“Cyber security is no longer a compliance box to tick; it’s a decisive driver of competitiveness and trust.”
Emma Partis
Emma Partis is a journalist at Accountants Daily and Accounting Times, the leading sources of news, insight, and educational content for professionals in the accounting sector. Previously, Emma worked as a News Intern with Bloomberg News' economics and government team in Sydney. She studied econometrics and psychology at UNSW.
