AI as a Force Multiplier in Cyberattacks: assessing ISO/IEC 27002:2022 against AI-augmented threats

Generative and agentic AI is changing how attackers behave faster than the frameworks meant to contain them. Assessing twelve ISO/IEC 27002:2022 controls against seven documented AI-enabled cyberattacks, this thesis finds that AI rarely exploits a control that is missing. Instead, it quietly erodes the empirical assumptions on which well-specified controls depend – turning compliance into an unreliable proxy for security.

Research context

Established security frameworks such as ISO/IEC 27002:2022 encode decades of accumulated experience about how attackers behave: how fast they move, how much expertise sophisticated attacks require, and how many targets a single actor can realistically pursue. Generative and agentic AI is now changing those behaviours faster than the frameworks that govern them. The pressing question is therefore not whether AI introduces entirely new categories of attack, but whether the controls organisations already rely on remain adequate once attackers are AI-augmented – a question the existing literature had not systematically addressed.

Research question and objectives

Does ISO/IEC 27002:2022 remain adequate against AI-augmented cyberattacks, and if not, why?

The thesis pursued three objectives: to develop an integrated analytical lens combining threat classification, multidimensional risk analysis, and control assessment; to apply that lens to a corpus of real, documented AI-enabled attacks; and to translate the findings into a structured assessment of the framework's adequacy and strategic recommendations for practice.

Methodology

The study followed a qualitative, abductive design built on three interlocking theoretical pillars: MITRE ATT&CK and the Cyber Kill Chain for adversary behaviour, multidimensional risk theory for how AI transforms the risk situation, and ISO/IEC 27002:2022 for the control perspective. This integrated framework was applied to a purposively selected corpus of seven documented cases – the Arup deepfake CFO fraud, the state-linked operations Forest Blizzard and Crimson Sandstorm, the AI-driven extortion campaign GTG-2002, the no-code ransomware-as-a-service operation GTG-5004, the North Korean IT-worker scheme, and the largely autonomous espionage campaign GTG-1002. Each case was coded across six dimensions, from attack phase and technique down to the specific control assumption that the AI-enabled capability undermines.

Key findings

The central finding is a distinction between an assumption gap and a control gap. AI rarely succeeds by exploiting a control that is missing from the catalogue. It succeeds by invalidating the empirical conditions on which an otherwise well-specified control silently depends – for example, that attacks unfold at human pace, that sophisticated capability requires scarce expertise, or that a trusted video call shows a real person.

Across the corpus, this erosion operates through four structural mechanisms: temporal (AI compresses attack timelines from days to hours), epistemic (AI removes the perceptual cues that controls use to distinguish legitimate from malicious activity), volumetric (AI dissolves the resource limits that once confined large-scale campaigns to well-funded actors), and architectural (AI places stress on the control architecture as a whole, above the specification of any single control).

Of twelve controls assessed, four contained assumptions that were decisively violated, four were eroded across multiple cases, and four came under pressure. The framework's inadequacy is concentrated not in what it specifies, but in the empirical conditions under which those specifications have historically produced secure outcomes.

Conclusion

ISO/IEC 27002:2022 remains substantially correct as a body of text. What has changed is the world its effectiveness quietly assumes. For organisations, the implication is uncomfortable but actionable: compliance is no longer a reliable proxy for security under AI-augmented threats, and the response lies less in adding new controls than in re-examining the assumptions beneath the existing ones. Or, as the thesis puts it: organisations that treat ISO/IEC 27002:2022 compliance as sufficient against AI-augmented adversaries are not wrong about the framework – they are wrong about the world.