Digital & InnovationFeatured

Check Point Report Warns AI Is Accelerating Cyber Threats as Critical Vulnerabilities More Than Double

PARIS, July 2 — Artificial intelligence is reshaping the cyber threat landscape by enabling attackers to identify and exploit security weaknesses faster than many organisations can respond, according to a new global report released by Check Point Software Technologies.

The cybersecurity company unveiled its “Under Pressure: The 2026 Exposure Gap Report” at the Check Point Engage conference in Paris, highlighting a widening gap between the number of security exposures organisations can detect and the smaller proportion that requires immediate action.

The report found that critical vulnerability exposures more than doubled over the past year, with software vulnerabilities accounting for 42.6 per cent of all critical exposures in 2026, compared with 18.7 per cent a year earlier. Despite the sharp increase, only 7.8 per cent of vulnerability alerts were assessed as requiring immediate remediation after exploitability validation, indicating that the vast majority did not pose an urgent threat.

According to Check Point, the rapid adoption of automation and AI-assisted attack techniques is allowing cybercriminals to scan exposed systems, stolen credentials, phishing infrastructure and known software weaknesses across multiple organisations at a pace that exceeds traditional manual security processes.

The company said this trend has widened what it describes as the “exposure gap”—the difference between identifying security risks, determining which ones are genuinely exploitable and implementing timely remediation before attackers can take advantage of them.

The study also found that security risks are increasingly concentrated within a relatively small number of exposure categories. Vulnerabilities and internal information disclosure together accounted for 76 per cent of all critical exposures recorded during the study period.

Meanwhile, phishing-related threats continued to expand rapidly, with malicious phishing websites representing 10.5 per cent of critical exposures, a significant increase from just one per cent recorded a year earlier.

Despite the growing threat landscape, the report highlighted encouraging progress in organisational response capabilities. Across the industries analysed, organisations successfully implemented 85.9 per cent of recommended remediation measures, suggesting that structured exposure management programmes can substantially improve cybersecurity resilience.

Yochai Corem, Vice President and General Manager of Exposure Management at Check Point Software Technologies, said the growing volume of AI-assisted attacks makes effective prioritisation increasingly important.

He said organisations are no longer challenged simply by detecting vulnerabilities but by rapidly identifying the relatively small number of exposures that can realistically be exploited and addressing them before they affect business operations.

The report also found that some sectors are responding more quickly than others. Utilities recorded the highest proportion of organisations resolving critical exposures within one hour, while the fastest industry achieved a median remediation time of 12.6 hours.

Exposure patterns varied considerably across industries. Software vulnerabilities represented the majority of critical exposures in the utilities and government sectors, accounting for 78.2 per cent and 56.4 per cent respectively. In contrast, internal information disclosure emerged as the leading exposure category in healthcare and financial services, representing 63.6 per cent and 42.7 per cent of critical exposures.

Healthcare organisations recorded the slowest median remediation time at 158.8 hours despite maintaining a strong implementation rate for recommended fixes. The report attributed the slower response to factors such as legacy technology infrastructure, stringent clinical uptime requirements and complex change-management procedures.

Check Point said its exposure management platform integrates asset discovery, exploitability validation, risk prioritisation, security control assessment and remediation workflows into a unified system designed to help organisations reduce cyber risk before vulnerabilities are exploited by attackers.

 

wilayah.com.my

Related Articles

Back to top button