Thought Leaders

Defending the Enterprise Against Malicious AI Agents

mm
Published

The cybersecurity landscape has entered a new phase: What was once a contest between human attackers and human defenders has become a resource battle between machines. Advances in generative and agentic AI have industrialized cybercrime, transforming it from a niche, high-skill discipline into a scalable, low-barrier operation. According to recent industry data, roughly 41% of attacks are now AI-driven, a figure that underscores how quickly this shift is accelerating.

The High Price of Legacy Defenses

The financial impact of AI-powered attacks is already substantial. Data from Fingerprint’s 2025 State of AI Fraud and Prevention Report shows that companies lose an average of $414,000 annually to AI-driven fraud, with one-third of respondents reporting losses of up to $1 million. For many organizations, these figures are no longer outliers; they are becoming part of the cost of doing business online.

These losses also signal a deeper structural problem: The defensive tools enterprises rely on were designed for a different threat model. Measures such as CAPTCHAs, IP-based rules, simple rate limits, and blocklists were designed to filter out scripted bots. Today, those same controls are increasingly ineffective against AI-powered adversaries that can operate real browsers, adapt to friction in real time, and distribute activity in ways that blend into legitimate traffic.

CAPTCHAs illustrate the problem clearly. Once intended to distinguish humans from bots, many faster and more accurately than people. At the same time, these challenges introduce friction for legitimate users, increasing abandonment rates and degrading customer experience. Multifactor authentication (MFA) adds a layer of protection, but it too is vulnerable to SMS swapping and phishing. In aggregate, these controls often create the illusion of security while shifting the burden onto genuine users.

The Operational Crisis and the Privacy Contradiction

The balance sheet tells only half the story — the other half of the narrative is operational paralysis. The same report highlights that 62% of B2B SaaS respondents indicate their fraud teams spend significantly more time on manual processes due to AI-powered attacks. Analysts are inundated with alerts, false positives, and edge cases, leaving fewer resources for proactive defense, threat intelligence, and long-term strategy.

This operational strain is compounded by the necessary evolution of consumer privacy. While regulations and consumer preferences are moving toward greater protection, this shift has unintentionally created a blind spot for security teams.

The core finding is this: 40% of organizations say privacy compliance significantly reduces user identification accuracy. As browser vendors like Mozilla and Apple take pro-privacy stances that limit traditional browser and device identification techniques, they also inadvertently enable fraud. In other words, in the effort to protect users, we have also made it easier for fraudsters, human or automated, to remain anonymous — which, ironically, has made it harder to protect legitimate users. The impact felt is significant: 57% of B2B SaaS companies, 32% of fintech companies, and 27% of banking institutions report a severe reduction in device and browser ID accuracy.

Why Legacy Tools Fail the AI Test

The mismatch between legacy defenses and modern attackers is now stark. IP addresses are easily rotated, MFAs can be bypassed, and CAPTCHA challenges can be solved quickly by AI models. However, these solutions offer little to no persistence against malicious actors.

Additionally, unlike traditional bots that follow linear scripts, agentic AI can “reason” through obstacles, adjusting its strategy dynamically as it learns from its mistakes. As more people turn to digital apps, the inability of legacy defenses to contain adaptive AI-driven attacks has led to greater opportunities for data breaches and systemic risk.

For enterprises, this creates a persistent dilemma. Tighten controls aggressively, and legitimate users are penalized with friction, delays, and false rejections. Loosen controls to preserve experience, and fraud volumes rise. The result is a “lose-lose” tradeoff that erodes both security posture and customer trust.

Enterprise Value: Deciphering Intent to Restore Trust

For high-risk sectors like fintech and ecommerce, the value proposition of modern device intelligence is about more than just “stopping fraud”— it’s about restoring confidence in identifying user intent and assessing risk more accurately.

Device intelligence enables organizations to assess risk by recognizing trusted devices and analyzing the surrounding signals of each interaction, such as browser integrity, automation indicators, environment consistency, and behavioral anomalies, before a user ever provides credentials or makes a transaction. This shift from reactive to proactive prevention and context-driven risk assessment is essential for operational efficiency and user trust.

For example, for Cornershop by Uber, device intelligence reliably identified returning users and surfaced high-risk activity early, enabling them to catch fraudulent transactions, minimize false positives, and reduce chargebacks.

The Strategic Pivot: Agentic Defense and Real-Time, Device-Level Signals

As AI-driven threats become more adaptive, enterprises need the ability to evaluate whether a session appears legitimate at the first sign of activity, not just after a transaction fails or an account is compromised.

Because of this, adapting to AI-driven threats requires a strategic pivot in how defenses are designed. Rather than relying on brittle identifiers like IP addresses or easily falsified behaviors like mouse movements, enterprises are beginning to prioritize device-level signals that are more difficult for autonomous agents to manipulate. Real-time risk indicators based on a device’s environment, integrity, and configuration provide fraud teams with the reliable signals they need to act immediately when suspicious activity is detected.

The Dual Cost of Weak Security Against AI-Powered Threats

The cost of compromised enterprise security is two-pronged: economic loss and efficiency loss. On the economic front, when defenses are inconsistent, manual, or easily bypassed, attackers can operate at scale with limited risk. When defenses raise the cost and complexity of attacks beyond their expected return, adversaries move on.

The second cost, lost efficiency, goes beyond monetary loss: it includes operational strain, increased customer friction and churn, and competitive disadvantage. The $1 million in annual losses reported by firms, along with the operational setbacks these enterprises face when attacked, should be a clear call to action.

AI’s increasing presence is unavoidable. Companies need to adjust their security architectures for a world where fraudsters are persistent, adaptive, and relentless, with a myriad of AI tools at their disposal.

Enterprises that invest in real-time data-driven defenses designed for automated adversaries and modern privacy realities are better positioned to restore trust in their digital ecosystems.

mm

Dan Pinto brings over a decade of experience in tech. He began his career in software engineering, where he developed an interest in creating bots, but quickly shifted his focus to entrepreneurship. Dan has founded many small startups, including eBay stores, a tech blog, and even a forum for TV shows.

In 2014, Dan co-founded Machinio, a search engine for used machinery, which was later acquired by NASDAQ:LQDT in 2018. After this success, he co-founded Fingerprint, the world’s most accurate device identifier, which has raised over $77 million since its first funding round in 2020.

When he's not busy building companies, Dan enjoys spending time with his family — he lives in Chicago with his wife and their son.