We are living in the golden age of Artificial Intelligence. From generative text to advanced data analysis, AI is transforming how businesses operate. As with any rapid technological shift though, a new frontier of cyber risk has emerged.
According to the IBM 2025 cost of a data breach report, 1 in 6 cyber breaches now involve AI, either as a target or a tool to facilitate the attack. Even more concerning, the presence of “Shadow AI” (unauthorised AI tools used by employees) is adding an average of $670,000 to the cost of a data breach, and over two-thirds of breached organisations cite a lack of AI governance as a key factor.
So, what are the actual scenarios, and more importantly, how do we assess and manage them without relying on flawed, subjective “High/Medium/Low” spreadsheets?
The 4 Core AI Cyber Risks Every Business Faces
In my recent webinar, I broke down the AI threat landscape into four distinct categories:
-
AI-Driven Cyber Attacks: Attackers are leveraging AI to scale and sophisticate their attacks. This ranges from hyper-realistic deepfakes, like the recent case where a company lost $25 million due to a deepfake video conference scam, to highly targeted, automated phishing campaigns and finding new previously unknown vulnerabilities at scale.
-
Internal / Shadow AI Data Leakage: Employees are eager to use AI to work faster, but they often input sensitive company data, source code, or PII into public LLMs like ChatGPT or Claude. This well-intentioned behaviour can lead to severe data exposure and intellectual property loss even using approved AI for the wrong purpose or with the wrong information can be harmful.
-
Compromise of Customer-Facing AI: As businesses deploy their own AI chatbots and other customer facing applications these tools become targets. If improperly secured, attackers can use prompt injection to bypass guardrails, steal underlying data, or cause the bot to damage the company’s reputation.
-
Supply Chain AI Compromise: If a third-party vendor’s AI tool is compromised, your data could be exposed, or malicious code could be pushed into your systems.
The Problem with Traditional Risk Management
When faced with these new threats, most organisations try to assess them using traditional methods: labeling risks on a 1-to-5 scale or calling them “High, Medium, or Low.” The problem with this approach? These terms are highly subjective and virtually impossible to communicate effectively to a board of directors. A “High” risk doesn’t tell a CFO what the cost of not doing something is. Nor does it help calculate the ROI of doing something about it, compared to all the other priorities competing for business resource allocation.
How to Approach and Quantify the four AI Risk Scenarios
How do we actually put this into practice? Here are practical steps for approaching these four key AI risk scenarios, and how you can quantify them to drive better decisions:
1. AI-Driven Cyber Attacks
The Approach: AI-Driven attacks, such as deepfake executive fraud and automated phishing, fundamentally change the threat by increasing scale, speed, and sophistication. Phishing is now delivered to a wider audience, is faster, and is more effectively written than attacks by human non-native speakers, increasing the likelihood of successfully bypassing current controls. Organisations must review current controls against these automated threats and update incident response playbooks for high-impact scenarios like deepfake executive fraud.
The Quantification: Quantification begins by looking at the historical frequency of social engineering incidents in your sector. The baseline impact (X) of a successful attack is the direct financial loss and business disruption, plus OSRU consequences (e.g., regulatory fines, reputational damage, or IP loss). AI fundamentally changes the model: the likelihood is adjusted upward as AI-driven phishing is faster, wider-reaching, and more effectively written, and the impact magnitude is increased by high-sophistication attacks like deepfake executive fraud. This modeling of heightened likelihood and impact calculates the total financial exposure, justifying specific investments in advanced filtering or enhanced verification.
2. Internal / Shadow AI Data Leakage
The Approach: Employees are eager to use AI for productivity, which leads to the unintentional exfiltration of sensitive company data, source code, or PII into unauthorised public LLMs—the risk known as “Shadow AI.” Since banning these tools is ineffective (employees will find workarounds), the required strategy must pivot to risk mitigation: establish clear acceptable use policies for generative AI and actively monitor where staff might be pasting sensitive data, while also deploying secure, private AI alternatives.
The Quantification: Quantification begins by looking at the historical frequency of unintentional data loss or IP theft incidents in your sector. The baseline impact (X) of a successful data leak is the potential cost of intellectual property loss or regulatory fines. AI fundamentally changes this model: the likelihood is increased as the risk becomes widespread due to unintentional, frequent employee usage, and the impact magnitude is increased as the presence of Shadow AI is currently documented to add an average of $670,000 to the cost of a data breach (reference: IBM cost of a data breach report 2025). By modeling this specific financial exposure, you can accurately build a business case for the cost of deploying secure, private AI alternatives for your team to use safely.
3. Compromise of Customer-Facing AI
The Approach: As businesses deploy customer-facing AI such as chatbots and tools these become public-facing attack surfaces. Attackers may exploit prompt injection and other AI exploitation techniques to bypass guardrails, enabling them to steal underlying data or cause the bot to damage the company’s reputation. The required strategy is to implement strong guardrails and rigorously test for prompt injection vulnerabilities before these tools go live.
The Quantification: Quantification starts by analysing the historical frequency of data breach or reputational incidents linked to public-facing applications in your sector. The baseline impact (X) of a compromise is likely the direct financial cost of a data breach and service disruption, plus OSRU consequences such as regulatory fines and long-term reputational damage. AI potentially alters this standard application compromise scenario: the likelihood may be adjusted upward as attackers are keen to exploit AI techniques to bypass guardrails and have a bigger impact on their victims. The impact magnitude may be significantly raised due to access to potentially bigger underlying data stores, the high-profile public interest of an AI breach (exacerbating reputational damage), and the ability to leverage the bot for a potentially wider detrimental impact on users. Modeling this heightened likelihood and impact calculates the total financial exposure, justifying the necessary security testing budget before product launch..
4. Supply Chain AI Compromise
The Approach: The risk is that if a third-party vendor’s AI tool is compromised, your data could be exposed, or malicious code could be pushed into your systems. Therefore, you must govern the AI you buy, not just the AI you build. The required strategy is to audit key vendors on their AI integration and update third-party risk assessments to explicitly cover AI use cases.
The Quantification: Quantification starts by analysing the historical frequency of supply chain or third-party data breach incidents in your sector. The baseline impact (X) of a compromise is the direct financial cost of a breach and service disruption, plus OSRU consequences (e.g., regulatory fines and long-term reputational damage). AI alters this standard vulnerability model: the likelihood rises as new AI features introduce attack surfaces, while the impact magnitude is significantly raised by the risk of potentially widespread malicious code injection, violation of geographical data processing commitments (e.g., if data is processed outside the EU), and the potential for the vendor to use your data to train third-party or fourth-party models. Modeling this inherited risk calculates the total financial exposure, which is essential for evaluating whether the operational benefit of a vendor’s new AI feature outweighs the financial risk it introduces.
The Cydea Difference: A Complete View of Your Risk
Analysing both primary impacts and the wider consequences in financial terms helps you to quantify the true business impact of a cyber risk. If you measure the cost of mitigation, it also provides you a clear picture of the investment required (or not!).
You can apply these approaches and quantification steps to your own model, or if you want to dive in and start tweaking and tailoring using the AI Risk Pack from the Scenario Library in Cydea’s Risk Platform.
Our platform simulates the range of consequences as a loss exceedance curve, allowing you to aggregate multiple risks into a complete view of your total risk exposure. This approach demonstrates the tangible ROI of your security programme by showing exactly how it reduces risk and prevents loss for your business.
Ready to stop guessing and start quantifying? Discover how the Cydea Risk Platform can transform your cyber security strategy today. Start your free 30-day trial here.
Nicolas Aristegui
Lucia Turner
Penny Yap