Twenty-nine percent of cybersecurity leaders said their organisations experienced an attack on enterprise GenAI application infrastructure in the last 12 months, according to a survey by Gartner.
The survey was conducted from March-May 2025 among 302 cybersecurity leaders in North America, EMEA and Asia/Pacific.
The survey found that 62% of organisations experienced a deepfake attack involving social engineering or exploiting automated processes, while 32% said they experienced an attack on AI applications that leveraged the application prompt in the last 12 months.
Chatbot assistants are vulnerable to a variety of adversarial prompting techniques, such as attackers generating prompts to manipulate large language models (LLMs) or multimodal models into generating biased or malicious output.
Impact of GenAI on the Attack Landscape (Percentage of Respondents)
Source: Gartner (September 2025)
Akif Khan, vice-president analyst at Gartner, comments: “As adoption accelerates, attacks leveraging GenAI for phishing, deepfakes and social engineering have become mainstream, while other threats — such as attacks on GenAI application infrastructure and prompt-based manipulations — are emerging and gaining traction.”
While 67% of cybersecurity leaders said emerging GenAI risks demand significant changes to existing cybersecurity approaches, Gartner said a more balanced strategy is warranted. “Rather than making sweeping changes or isolated investments, organizations should strengthen core controls and implement targeted measures for each new risk category,” says Khan.