🔎 Major Findings Across Sectors
- ChatGPT scored a perfect 100% and Gemini from Google achieved a 90% score.
- Although the sector performed well overall, some of the smaller players scored poorly, and the widespread explosion of GenAI services and the pressure on speed to market resulted in some sub-par performances.
- The main dangers for GenAI models are susceptibility to data poisoning attacks, which can seriously degrade results and service levels for exposed models, and systematic data mining, which hijacks free results for deployment into other paid service mashups.
⚠️ Threats & Weaknesses
- Bot-driven mapping, session replication, and login interface exposure were successful across many of the weaker performers. Automated bots were able to scan, map, and interact with authentication portals without encountering rate limits, anomaly detection, or session validation controls. Infiltration rates reached up to 95% on some domains, confirming a near-total absence of active defensive interception.
- No specific tests were performed for data poisoning at this stage.
- On many sites, no behavioural response to bot-generated input or repeated access attempts was detected. Although all sites had Web Application Firewalls (WAFs) deployed, our simulations were able to complete reconnaissance and interaction phases without challenge, highlighting the limitations of legacy, perimeter-centric defence strategies.
🔓 Unlocking Results
VerifiedThreat assessments highlight which organisations:
- ✅ Have robust, resilient defences
- ⚠️ Are at risk of automation and bot-based exploitation
- 🚨 Face critical vulnerabilities if left unchecked
💡 Why This Matters
Understanding sector dynamics allows businesses to:
- Benchmark against industry peers
- Prioritise investment in external defence
- Strengthen customer trust by closing exposure gaps










