Toward Quantitative Modeling of Cybersecurity Risks Due to AI Misuse

TL;DR

This paper develops a quantitative risk modeling framework to assess AI misuse in cybersecurity, analyzing attack uplift due to AI performance and employing expert and LLM-based estimates with Monte Carlo simulation.

Contribution

It introduces a detailed methodology for quantifying AI-related cybersecurity risks, integrating attack modeling, expert input, and uncertainty analysis, advancing beyond qualitative assessments.

Findings

AI increases attack efficacy, speed, and reach

Systematic uplift varies across different attack models

Quantitative estimates help refine risk assessments and mitigation strategies

Abstract

Advanced AI systems offer substantial benefits but also introduce risks. In 2025, AI-enabled cyber offense has emerged as a concrete example. This technical report applies a quantitative risk modeling methodology (described in full in a companion paper) to this domain. We develop nine detailed cyber risk models that allow analyzing AI uplift as a function of AI benchmark performance. Each model decomposes attacks into steps using the MITRE ATT&CK framework and estimates how AI affects the number of attackers, attack frequency, probability of success, and resulting harm to determine different types of uplift. To produce these estimates with associated uncertainty, we employ both human experts, via a Delphi study, as well as LLM-based simulated experts, both mapping benchmark scores (from Cybench and BountyBench) to risk model factors. Individual estimates are aggregated through Monte Carlo simulation. The results indicate systematic uplift in attack efficacy, speed, and target reach, with different mechanisms of uplift across risk models. We aim for our quantitative risk modeling to fulfill several aims: to help cybersecurity teams prioritize mitigations, AI evaluators design benchmarks, AI developers make more informed deployment decisions, and policymakers obtain information to set risk thresholds. Similar goals drove the shift from qualitative to quantitative assessment over time in other high-risk industries, such as nuclear power. We propose this methodology and initial application attempt as a step in that direction for AI risk management. While our estimates carry significant uncertainty, publishing detailed quantified results can enable experts to pinpoint exactly where they disagree. This helps to collectively refine estimates, something that cannot be done with qualitative assessments alone.