IT Leaders Face New Era of AI-Powered Cyber Threats

AI has accelerated the pace of cyber threats far beyond what most workplaces were built to handle. Attacks now learn from every failed attempt, rewrite their signatures and disguise themselves with human-like language or voice. Defences that rely on predictable patterns or manual response simply can’t keep up.

Lenovo’s latest Work Reborn research shows how deep the gap has grown, with 65% of global IT leaders saying their current security architecture cannot withstand AI-enabled attacks.'

“It’s clear that AI has changed the tempo of cybersecurity,” says Rakshit Ghura, Vice President & General Manager at Lenovo Digital Workplace Solutions. “To outpace these threats, security needs to become as adaptive and intelligent as the attacks themselves.”

Cloud apps, remote endpoints, hybrid identity systems and a rising number of AI tools have created an environment where visibility is fragmented and risks move between systems unnoticed. 

Traditional security models were built for threats that followed clear sequences and left patterns behind. AI-powered attacks don’t do this. They exploit small configuration flaws, mimic legitimate behaviour and move laterally through applications that were never designed to share threat intelligence. As workplaces grow more distributed, these blind spots multiply and reactive defences become even less effective.

The three dimensions of the new threat landscape

Lenovo’s research highlights three areas where AI is reshaping the threat landscape and exposing weaknesses that traditional controls can’t manage.

1. External attacks that evolve autonomously

• Polymorphic malware rewrites its own code to avoid detection.
• Phishing campaigns generate personalised messages at scale.
• Deepfake audio and video make impersonation harder to spot.

2. Internal risks created by ungoverned AI use

• Employees use AI platforms that IT cannot see or monitor.
• Tools can access or generate sensitive data without guardrails.
• Automated actions create activity trails that legacy frameworks struggle to follow.

Lenovo’s research shows 70% of IT leaders now view employee misuse of AI as a major concern, reflecting how quickly these internal risks are growing.

3. AI systems becoming targets themselves

• Training data can be manipulated or stolen.
• Models can be tampered with or extracted.
• Prompts can be exploited to reveal information or bypass controls.

The shift to adaptive, AI-native defence

Instead of relying on centralised systems to spot issues after the fact, AI-native security distributes intelligence across the entire digital workplace, i.e. endpoints, identities, applications and data. This new model is built on the following principles:

Continuous detection instead of periodic scanning
Threat signals are analysed in real time, allowing systems to act the moment behaviour shifts.

Predictive insight rather than signature matching
AI models identify patterns that indicate emerging attacks, even when there is no known threat profile.

Protection pushed to the edge
Endpoints become active defenders, reducing reliance on slower, centralised processes.

Security that adapts with the environment
Controls adjust automatically as users, devices and applications change, reducing blind spots across the workplace.

The result is a security posture that mirrors the velocity and autonomy of AI-powered threats, turning defence into a living, learning system rather than a static perimeter.

Lenovo’s approach to AI-native security

Lenovo is applying these principles across its Digital Workplace Solutions platform, combining device intelligence, endpoint protection and cloud-level visibility into a single AI-native security foundation. The approach strengthens security across devices, applications and AI systems, supported by the following core capabilities:

• AI PCs that act as self-defending endpoints
  Intelligence is embedded directly into devices, enabling them to analyse behaviours locally, detect anomalies and respond without waiting for central systems.
• Care of One powering adaptive digital-workplace protection
  The Gen-AI engine behind Lenovo’s workspace platform helps identify risks earlier, correlate signals across tools and reduce the manual load on IT teams.
• ThinkShield and Lenovo Security Services extending protection from edge to cloud
  Security controls operate consistently across hardware, applications, identity systems and data pipelines, giving leaders clearer visibility over how threats move.
• Cyber Resiliency as a Service delivering measurable outcomes
  Customers have reported 99.5% threat detection rates, sub-30-minute response times and more than 20% cost reductions in year one.

Lenovo’s approach has been recognised across multiple categories at the 2025 Fortress Cybersecurity Awards, including Supply Chain Assurance and Cloud Security for its managed resiliency services. 

What leaders should do now

IT leaders need to focus on steps that strengthen visibility and reduce blind spots across the workplace.

Map where AI is already in use
Shadow AI tools and unmanaged agents can introduce new risks. Organisations need to understand which platforms employees use, what data they access and where actions are being automated without oversight.

Shift detection and response closer to endpoints
As attacks become more autonomous, relying solely on centralised security operations slows response times. Building intelligence into devices and identity systems reduces dwell time and helps contain threats before they move laterally.

Extend protection to AI systems themselves
Models, prompts and training data are now part of the attack surface. Security frameworks should include safeguards against model tampering, data poisoning and unauthorised access to AI-generated outputs.

Transitioning from risk to stronger resilience

The organisations that strengthen their security foundations now, by embedding intelligence across devices, identities and data, will be better positioned to adopt AI with confidence.

“As AI tools proliferate across the workplace, we’re helping organisations build security that adapts as quickly as the threats,” says Rakshit. “The goal is a modern workplace where people can work confidently and systems remain protected, no matter how fast the environment changes.”

Organisations don’t need to choose between embracing AI and staying secure. By strengthening their security foundations now and embedding intelligence across devices, identities and data, they can move faster with greater confidence. 

For deeper insight, explore Lenovo’s Work Reborn research series and the Reinforcing the Modern Workplace report now.