Thailand-Based Analysts Highlight Gartner Forecast: AI Applications to Dominate 50% of Cyber Incident Response by 2028

Brickinfo News Agency – Gartner, Inc. has issued a significant forecast indicating that half of all enterprise cybersecurity incident response efforts will be dedicated to threats involving custom-built AI-driven applications by 2028. This shift underscores a growing concern regarding the rapid deployment of complex AI systems that often outpace the security protocols designed to protect them. As businesses in Thailand and globally accelerate their digital transformation, the lack of established processes for handling AI-specific vulnerabilities is expected to increase the time and effort required to mitigate security breaches.

Christopher Mixter, VP Analyst at Gartner, noted that the speed of AI evolution is currently surpassing the testing phases for many custom tools. “AI is evolving quickly, yet many tools – especially custom-built AI applications – are being deployed before they’re fully tested,” Mixter stated. He further explained that these dynamic systems are difficult to secure over time and that most security teams currently lack clear processes for AI-related incidents, leading to prolonged resolution times and increased operational strain. To counter this, Gartner advises security leaders to engage in AI projects at the earliest stages to ensure adequate resources and security controls are integrated from the start.

The transition toward AI security platforms is expected to become a standard by 2028, with over 50% of enterprises projected to adopt these unified systems to manage risks such as prompt injection and data misuse. These platforms are designed to provide Chief Information Security Officers (CISOs) with centralized visibility, allowing for consistent enforcement of security guardrails across both third-party and internal AI applications. This centralized approach is seen as a vital step in monitoring AI activity and ensuring that usage policies are strictly followed as adoption scales.

Beyond immediate security threats, Gartner warns of significant financial risks associated with manual compliance. By 2027, 75% of regulated organizations relying on manual AI compliance processes could face fines exceeding 5% of their global revenue. Despite varying regional laws, global AI regulations are converging on requirements for systematic risk management. Gartner recommends that organizations move toward technology-enabled compliance and establish robust cyber governance frameworks to navigate the evolving landscape of AI safety standards.

The long-term impact of AI adoption also includes a substantial burden on IT departments, with Gartner predicting that 33% of IT work will be focused on remediating AI data debt by 2030. Many organizations currently possess data that is not “AI-ready” due to poor security and lack of structure. Consequently, cybersecurity leaders are being urged to expand data loss prevention measures and collaborate with data analytics teams to implement structured programs for data discovery and access control.

Finally, the report highlights the influence of geopolitical factors on cybersecurity strategies. By 2027, 30% of organizations are expected to demand comprehensive sovereignty of cloud security controls to mitigate risks stemming from global instability. Additionally, by 2028, 70% of CISOs will likely utilize identity visibility and intelligence capabilities to reduce the attack surface of Identity and Access Management (IAM). By integrating AI-powered platforms, organizations aim to close visibility gaps and reduce the risk of credential compromise in an increasingly complex environment of human and machine identities.