A new survey by Lenovo reveals that 65% of information technology (IT) leaders feel that their defense infrastructures are insufficient to neutralize cyberattacks powered by AI. Only 31% of the surveyed executives consider themselves adequately prepared for this new threat paradigm.
The source of this vulnerability lies in the speed and adaptability of new digital offenses. “AI transforms the balance of power in cybersecurity. To keep up, organizations need intelligence that adapts at the speed of threats. This means fighting AI with AI,” says Rakshit Ghura, Vice President and General Manager of Digital Workplace Solutions, Lenovo. Ghura highlights the obsolescence of traditional defense systems against a landscape where threats evolve in real time.
The findings, published in Lenovo’s third Work Reborn report “Reinforcing the Modern Workplace,” warn that AI plays a dual role in the business environment, being a driver of efficiency and simultaneously a potent attack vector.
Cybercriminals have begun to employ advanced algorithms to execute hyper-agile attacks. These threats can mimic legitimate user behaviors, mutate autonomously to evade detection by conventional security software, and operate in a coordinated manner across multiple fronts. These fronts include cloud infrastructure, data stores, applications, and user endpoints. This fundamental shift requires a strategic reassessment that moves beyond reactive and perimeter-based defenses.
The Lenovo report details the concerns of IT leaders, identifying three main areas of risk. The first is external AI-powered threats, which include the development of polymorphic malware, the execution of large-scale automated phishing campaigns, and identity impersonation using deepfakes that are significantly difficult to detect.
The second area of vulnerability is internal risk. According to the study, 70% of respondents perceive the misuse of AI tools by employees as a high-impact danger. Furthermore, over 60% fear that AI agents will create a new category of internal threats for which existing security architectures offer no protection. This ranges from the leakage of confidential data through generative AI platforms to the manipulation of internal processes by compromised autonomous agents.
Finally, the report warns about the vulnerability of AI infrastructure itself. The training models, datasets and prompts that form the core of intelligent systems have become high-value targets. They are susceptible to manipulation, data poisoning, or intellectual property theft.
Given this landscape, conventional defenses could be insufficient. Data from Gartner projects that by 2027, 90% of successful AI implementations in cybersecurity will focus on task automation and process augmentation, not on replacing human roles. McKinsey, in turn, warns that organizations that maintain their reliance on traditional defenses will face a growing competitive disadvantage and operational risk.
In response, Lenovo proposes an AI-native cyber-resilience strategy designed to detect threats before they materialize and to adapt dynamically. The company is integrating autonomous defense capabilities at the hardware level with its new generation of AI PCs, turning endpoints into self-protecting assets. These capabilities connect with Lenovo’s cyber-resilience platform, which provides coverage from the edge to the cloud.
Lenovo’s Digital Workplace Solutions, powered by the Gen-AI technology of the Care of One platform and the ThinkShield suite, protects endpoints, applications, and data. “With AI tools proliferating beyond the visibility of IT and attackers exploiting gaps that traditional systems cannot recognize, Lenovo is providing the AI-powered defenses that companies need to close the gap, turning risk into resilience,” says Ghura.
