Corresponding author: Samson A. Adegbenro
Copyright © 2025 Author(s) retain the copyright of this article. This article is published under the terms of the Creative Commons Attribution License 4.0.
Mitigating third-party cyber risk using AI-powered threat intelligence and
compliance analytics
Samson A. Adegbenro 1, *, Whenume O. Hundeyin 2, Florence Olinmah 3 and Chinedu A. Adaba 4
1 Third Party Risk Audit, Global Strategy and Enterprise Platforms, USA.
2 Assurance, Technology Risk, USA.
3 Risk Analytics Reporting, Risk Management, USA.
4 Management Information Systems, Bowie State University, USA.
World Journal of Advanced Research and Reviews, 2025, 26(02), 2909-2929
Publication history: Received on 30 March 2025; revised on 16 May 2025; accepted on 18 May 2025
Article DOI: https://doi.org/10.30574/wjarr.2025.26.2.1968
Abstract
In an increasingly interconnected digital landscape, third-party relationships have emerged as a critical vector for cyber
risk exposure across industries. Increasingly, organisations rely on outside vendors, hosted and cloud services and
supply chain partners to deliver key services but this reliance brings with it vulnerabilities that traditional cybersecurity
models are not generally effective at mitigating. Third-party ecosystems are complex in nature, and combined with
varying compliance postures and disjointed threat visibility, it becomes clear that the approach has to move from static
risk assessment to dynamic, intelligence-led protection. This paper details how AI can revolutionize third-party risk
management through AI-powered threat intelligence and compliance analytics. We begin by contextualizing the third
party risk landscape, highlighting key challenges such as insufficient vendor transparency, dynamic threat actors, and
regulatory fragmentation. The study then delves into the architecture and functionality of AI-driven platforms that
ingest multi-source threat feeds, behavioral indicators, and compliance metrics to produce predictive risk scores.
Through machine learning algorithms, these systems continuously adapt to emerging attack patterns and detect
anomalies indicative of compromise within vendor networks. A major focus is placed on integrating compliance
analytics—enabling organizations to automatically assess vendors against frameworks such as NIST, ISO 27001, and
GDPR. This fusion of threat intelligence with regulatory mapping allows for proactive risk prioritization and enhanced
vendor segmentation. Case studies and real-world applications demonstrate how organizations using AI-based tools
have reduced response times, improved audit readiness, and minimized breach propagation across digital supply
chains. By combining predictive AI modeling with automated compliance enforcement, organizations can move beyond
reactive controls to implement a continuous, risk-informed approach to third-party cyber governance.
Keywords: Third-Party Risk Management; AI-Powered Threat Intelligence; Compliance Analytics; Cybersecurity
Automation; Vendor Risk Scoring; Supply Chain Security
1. Introduction
1.1. The Expanding Digital Ecosystem and Third-Party Dependencies
The digital transformation of industries has led to a rapidly expanding digital ecosystem where organizations
increasingly rely on a complex web of third-party vendors, cloud providers, and IT service suppliers to operate
efficiently. This interconnected environment offers significant operational advantages (scalability, specialization, cost
savings) but simultaneously introduces new vulnerabilities and systemic risks [1]. As digital services become more
modular and outsourced, core business functions are now often hosted outside organizational perimeters, blurring the
lines of accountability for cybersecurity.
The third-party utilities have also shifted from simple IT services to more essential tasks such as storing data, hosting
applications, and process automation. While in second party control in such industries including healthcare, finance and
manufacturing, third parties often maintain sensitive information, proprietary algorithms, and operation technology
networks [2]. These dependencies expand the attack surface, and cascade risks, where a single breached vendor can
compromise security of tens or 100s of customer organizations.
Recent trends, such as the rise of software-as-a-service (SaaS), platform-as-a-service (PaaS), and complex API
integrations, have created digital supply chains with multiple tiers of subcontractors and service nodes. Organizations
often have limited visibility into these nested relationships, making it difficult to assess inherited risks or enforce
standardized security protocols [3].
Moreover, regulatory frameworks are often outpaced by technological change, leaving legal and compliance gaps in
cross-border data flows and vendor accountability. The reliance on third-party digital services necessitates a rethinking
of cybersecurity strategy, moving from perimeter defense to ecosystem governance. As this article will show, third-party
risk management must become a central tenet of organizational cyber resilience in today’s digital age [4].
1.2. Rising Cyber Threats in Supply Chains
As digital interdependencies grow, supply chains have become prime targets for cybercriminals, hacktivists, and state-
sponsored actors. Attacks on suppliers are often more effective than direct breaches of hardened corporate networks,
as smaller vendors may lack robust cybersecurity defenses yet retain privileged access to critical systems [5]. This trend
has elevated the urgency of supply chain cybersecurity to a national and global security concern.
High-profile incidents such as the SolarWinds breach and the Kaseya ransomware attack exposed the vulnerability of
digital supply chains, where malicious code or unauthorized access infiltrated trusted software updates and
maintenance protocols [6]. These attacks affected not just the targeted firms but cascaded across governments, financial
institutions, and infrastructure providers, highlighting the systemic nature of the threat.
Cyber threats in supply chains manifest in various forms including malware injection, unauthorized access, phishing
campaigns, and data manipulation. Threat actors exploit weak identity controls, poor patch management, and opaque
vendor practices to gain footholds in enterprise environments [7]. Adding to that complexity is the fact that supply
networks have become increasingly global, and companies also need to factor in jurisdictional risks, diverse regulatory
requirements and geopolitical risks. Even with higher levels of awareness and sophisticated attacks, many businesses
lack full third-party risk assessments, ongoing monitoring and contractual cybersecurity requirements in vendor
agreements. However, as adversaries continue to take advantage of these gaps, supply chains have become one of the
most exploited and under-secured threat vectors in today’s cyber risk landscape [8].
1.3. Purpose and Scope of the Article
The purpose of this article is to explore the evolving risks posed by third-party digital dependencies and to outline
strategic measures for enhancing cybersecurity resilience in supply chains. As digital ecosystems become increasingly
interconnected, the lines between internal and external risk ownership blur, making it essential for organizations to
adopt holistic and adaptive cyber defense frameworks [9].
This article aims to provide a multi-dimensional analysis of third-party cyber risks, grounded in current threat
landscapes, real-world case studies, and emerging best practices. It discusses the drivers behind the proliferation of
digital dependencies and outlines the common vulnerabilities exploited by threat actors in supply chain environments.
The article also presents key regulatory trends and governance models shaping vendor risk oversight, including zero-
trust architecture, continuous assurance, and cyber insurance integration [10].
The scope of the analysis spans both technical and organizational domains. On the technical front, it explores
innovations in real-time monitoring, automated threat detection, and vendor access control. It covers, inter alia,
organisational accountability at board level, cross-functional working and the contract-based enforcement of cyber
security. In this way, this paper adds to our understanding of what is needed for public and industry actors to work
together to secure digital value chains, and it does so based on analysis of where there are gaps, challenges and
opportunities in managing third-party cybersecurity risk. Policy recommendations and a forward-looking roadmap
for the development of supply chain cybersecurity frameworks that can operate in the constantly changing threat
landscape are presented at the end of this section [11].
2. Understanding third-party cyber risk
2.1. Defining Third-Party Risk in Cybersecurity Context
Third-party risk in cybersecurity refers to the potential threats and vulnerabilities that arise from an organization’s
reliance on external entities to perform business functions, manage data, or provide technology services. These
outsiders could be software suppliers, public cloud providers, the IT consultancy, logistics companies or even
subcontractors who get on a company's network remotely. The difficulty is the third-party has escalated privileges and
access to the infrastructure to a deeper extent with less focussed security scrutiny, in comparison to internal operations
[5]. This risk is compounded in the hyperconnected world of today, where business models are increasingly reliant on
outsourcing and digital supply chains. The risk from third-parties is not only limited to direct partners, it encompasses
also sub-vendors and fourth-party suppliers, thus leading to a complex mesh of nested and stealthy dependency [6]. A
weakness or violation at any layer within this broad infrastructure could weaken or breach the whole system, causing
data loss, penalties, disruption of business and damage to reputation. Unlike typical insider threats, or external threats,
third-party threats arise from trusted relationship, and as such, they are inherently difficult to detect and even more
problematic to mitigate. These dangers are more than just technical; they include compliance lapses, breaches of
contract, and a lack of due diligence. For instance, a failure by vendor to comply with data protection laws may result
in the hiring organisation incurring regulatory fines [7]. As it continues to evolve, organizations will need a wide
network security risk lens that includes third-party attack vectors in order to adopt a continuous risk assessment.
Enabling and Managing Third-Party Trust Third-party risk management is now vital to all organizations, rather than
optional, to Deciphering obligation from strategic imperative and compelling companies to maintain trust, compliance,
and operational integrity in a digital ecosystem that is rapidly growing [8].
2.2. Historical Breaches and High-Profile Incidents
Figure 1 A timeline of such landmark incidents and their corresponding business impacts.
These breaches reflect a recurring pattern: trusted third parties are often the weakest links in an organization’s
cybersecurity chain. Without robust oversight, these partnerships can inadvertently invite systemic risk, amplifying the
urgency for comprehensive and continuous third-party risk governance [12].
A string of high-profile cyber attacks in the past decade has highlighted the catastrophic impact of insufficient third
party risk management. These examples demonstrate how holes in vendor systems can be exploited to launch large
offensives that disrupt critical services and expose large caches of sensitive data. Some of the most notorious include
the 2020 SolarWinds breach, in which attackers tampered with a software update of the Orion IT monitoring platform
by placing malware in an otherwise routine software update. The software was used by more than 18,000
organizations around the world, including American federal agencies and Fortune 500 companies. It took months to
detect the breach, giving the enemy deep penetration of internal systems [9]. Retail superpower Target fell victim to a
massive data breach in 2013 which compromised the credit card and personal information of more than 40 million
customers. The intruders entered using a third-party HVAC vendor, demonstrating the potential cyber risk in suppliers
that don’t focus on IT. It caused hundreds of millions of dollars in losses and a huge reputation loss [10]. A second major
hack took place in 2021 with Kaseya, a remote management software supplier. Ransomware should have increased by
'at least' 190% across the board. Attackers exploited zero day bugs to unleash ransomware on more than 1,500
downstream organisations. This incident illustrated how service providers with extensive access rights can become a
high-value target of supply chain attacks [11].
2.3. Categories of Third-Party Risk: Technical, Legal, and Reputational
Third-party risk in cybersecurity spans several interconnected domains, with the most critical being technical, legal,
and reputational risks. Understanding these categories helps organizations prioritize controls and allocate resources
effectively in managing their extended enterprise environment [13].
Technical risk refers to vulnerabilities that arise from the integration of third-party software, systems, or services into
an organization’s digital infrastructure. These may include unpatched software, misconfigured cloud environments,
compromised APIs, or malicious updates. Technical risks are exacerbated when vendors lack basic security hygiene,
such as multi-factor authentication or encryption protocols [14]. Attackers often exploit these technical entry points to
gain unauthorized access or launch malware campaigns.
Legal risk involves exposure to compliance violations and regulatory penalties due to the actions or omissions of third-
party providers. For example, under data protection frameworks such as the GDPR or HIPAA, an organization can be
held liable for breaches caused by its vendors if it fails to conduct due diligence or lacks enforceable data processing
agreements. Legal risk also encompasses breach of contract, intellectual property violations, and cross-border data
transfer infractions [15].
Reputational risk results from public fallout following a third-party-related breach. Negative media coverage,
customer distrust, and loss of investor confidence can have long-lasting effects that go beyond immediate financial
losses. For instance, high-profile breaches can erode brand equity and lead to customer attrition, especially in industries
like finance and healthcare, where data integrity is paramount [16].
These risk categories are not mutually exclusive. A single vendor incident can trigger technical disruptions, regulatory
inquiries, and reputational damage simultaneously. Therefore, comprehensive risk assessments must incorporate
multifactor evaluations that extend beyond traditional checklists and cover the full risk spectrum posed by third-party
partnerships [17].
2.4. Challenges in Traditional Risk Management Approaches
Conventional risk management frameworks often fall short in addressing the complexities of third-party cybersecurity
threats. Traditional approaches typically rely on static risk assessments conducted at the onboarding phase, with
minimal follow-up or continuous oversight. This snapshot view fails to capture the evolving threat landscape, especially
as vendors update systems, change subcontractors, or expand service offerings over time [18].
Another limitation is the over-reliance on self-assessment questionnaires and documentation, which may be
incomplete, outdated, or overly optimistic. Without independent verification or real-time threat intelligence,
organizations may unknowingly entrust sensitive data or access to vulnerable vendors. Moreover, siloed internal
structures where procurement, legal, and IT departments operate independently further hinder integrated third-party
risk management [19].
Resource constraints also play a role. Many organizations lack the tools, personnel, or expertise to monitor dozens or
hundreds of vendor relationships. As a result, cybersecurity teams prioritize high-value vendors and overlook smaller
suppliers who may still hold critical access privileges.
Finally, the absence of standardized benchmarks and interoperability frameworks complicates efforts to assess and
compare vendor risk consistently across sectors. These gaps necessitate a shift toward dynamic, intelligence-led, and
governance-driven third-party risk strategies that are better suited to today’s hyperconnected digital environment [20].
3. The case for AI in cyber risk mitigation
3.1. Limitations of Static Risk Assessment Models
Static risk assessment models have historically formed the backbone of cybersecurity frameworks, particularly in third-
party risk management. These models typically rely on pre-defined checklists, periodic questionnaires, and one-time
security reviews conducted during the vendor onboarding process. While such assessments provide a snapshot of a
vendor’s cybersecurity posture at a given time, they fail to capture the dynamic nature of evolving threats and system
changes [9].
One key limitation is their inability to account for real-time vulnerabilities or threat actor behaviors. As threat
landscapes evolve rapidly, with zero-day exploits, ransomware variants, and phishing techniques constantly emerging,
static models become outdated shortly after deployment. This time lag leaves organizations blind to risks introduced
after the initial assessment, especially when vendors update software, onboard subcontractors, or change their security
practices without notification [10].
Additionally, static models often rely heavily on self-reported data, which may be inaccurate, incomplete, or overly
optimistic. Without continuous validation or live telemetry, organizations risk basing their decisions on outdated or
unreliable information. These models also struggle to scale across increasingly complex digital supply chains, where
hundreds of vendors operate with varying risk profiles [11].
Ultimately, the static approach fails to provide the situational awareness required for modern cybersecurity resilience.
As threat actors grow more sophisticated and persistent, organizations must transition toward adaptive, real-time
frameworks that leverage automation, behavioral analytics, and threat intelligence to keep pace with the constantly
shifting cyber risk landscape [12].
3.2. Advantages of AI-Powered Threat Intelligence
AI-powered threat intelligence offers a transformative leap in how organizations detect, analyze, and respond to
cybersecurity threats, particularly those arising from third-party ecosystems. Unlike conventional tools, which operate
on fixed rule sets or require human intervention, AI models use machine learning and data mining techniques to identify
anomalies, forecast threats, and learn from evolving attacker behavior [13].
Table 1 Comparison of Conventional Threat Detection vs. AI-Powered Models
Feature | Conventional Detection | AI-Powered Detection
Detection Logic | Rule-based, static signatures | Behavioral, anomaly-based
Data Processing Volume | Limited | Massive, real-time
Response Time | Manual or delayed | Automated, near-instantaneous
Adaptability to New Threats | Requires manual updates | Continuously self-learning
False Positive Management | High and repetitive | Context-aware filtering
Supply Chain Risk Visibility | Low | High, cross-vendor pattern detection
One significant advantage of AI lies in its capacity to process massive volumes of structured and unstructured data in
real time. Sources include firewall logs, endpoint telemetry, dark web monitoring, phishing email patterns, and threat
feeds from vendor ecosystems. AI algorithms analyze these inputs to uncover hidden correlations and detect early
indicators of compromise before damage occurs [14]. This real-time visibility is especially valuable in supply chains,
where risks may emerge from obscure or lower-tier vendors.
Another strength is adaptability. AI models evolve by training on fresh data, enabling them to recognize previously
unseen malware signatures, command-and-control domains, and attack vectors. This learning process empowers
organizations to stay ahead of threat actors who constantly change their tactics to bypass traditional defenses [15]. For
example, deep learning models can distinguish between normal and anomalous login behaviors across distributed
vendor accounts, raising alerts on potential credential abuse.
AI also enhances prioritization. By assessing risk based on threat severity, asset criticality, and business context, AI
helps security teams focus on high-impact incidents. This risk-based triaging minimizes alert fatigue and improves
response time, especially when applied within Security Information and Event Management (SIEM) or Extended
Detection and Response (XDR) platforms [16].
Moreover, AI-driven tools can automate remediation actions such as revoking vendor access, isolating compromised
devices, or flagging suspicious API calls. These actions not only reduce manual workload but also accelerate
containment, limiting lateral movement within networks [17].
By embracing AI-powered threat intelligence, organizations gain the agility, depth, and foresight needed to secure
interconnected digital ecosystems. It redefines threat detection from a reactive exercise to a proactive defense strategy
aligned with modern cyber risk realities [18].
3.3. AI and the Evolution of Continuous Monitoring Paradigms
Continuous monitoring represents a shift from episodic to ongoing cybersecurity vigilance, an approach vital to
managing third-party risks in an era of persistent threats and complex digital supply chains. AI plays a central role in
this evolution by enabling real-time, intelligent surveillance of assets, users, and vendor ecosystems [19].
Traditional monitoring relied on periodic scans, scheduled audits, or manual log reviews, often resulting in delayed
detection and reactive mitigation. In contrast, AI-integrated monitoring systems continuously ingest telemetry from
endpoints, networks, APIs, and external threat feeds to build dynamic baselines of expected behavior. Deviations from
these baselines, such as abnormal data transfers, privilege escalations, or access attempts outside business hours, are
flagged instantly for investigation [20].
In third-party risk contexts, AI enhances visibility by mapping the digital footprint of vendors across systems, flagging
policy violations, and assessing risk posture in real time. For instance, Natural Language Processing (NLP) algorithms
can parse vendor contracts and flag ambiguous security clauses, while machine learning can evaluate historical breach
patterns to forecast vendor risk scores [21].
AI-powered continuous monitoring also supports “trust but verify” principles through automated validation of vendor
compliance. This includes tracking adherence to Service Level Agreements (SLAs), verifying encryption standards, and
confirming endpoint protection. Alerts are integrated into dashboards, providing cybersecurity teams and executives
with actionable intelligence for decision-making.
Importantly, continuous AI-driven monitoring facilitates rapid incident response. It enables the automatic suspension
of third-party connections in the event of detected anomalies and triggers forensics pipelines to contain breaches early.
This capability is essential given that modern breaches can propagate across networks within minutes [22].
As cyber threats grow more agile and supply chains more opaque, AI-powered continuous monitoring becomes
indispensable. It offers a proactive, scalable, and context-aware defense architecture, laying the groundwork for real-
time governance and adaptive cyber resilience in third-party ecosystems.
4. Frameworks and architectures for AI-powered threat intelligence
4.1. Core Components of AI-Based Risk Management Platforms
AI-based risk management platforms are engineered to provide continuous, scalable, and context-aware oversight of
cyber threats, particularly in ecosystems with extensive third-party relationships. These platforms combine multiple
technological layers that work in synergy to automate threat detection, prioritize risks, and enable timely interventions.
At their core, such systems consist of data acquisition modules, machine learning (ML) engines, real-time dashboards,
and integrated orchestration interfaces [14].
The first core component is the data ingestion layer, which collects structured and unstructured data from multiple
sources: internal logs, network telemetry, vendor APIs, system configurations, and cloud activity. This layer ensures that
data volume, velocity, and variety are handled efficiently, enabling platforms to track changes in the attack surface over
time [15].
Next is the feature engineering module, where raw data is transformed into meaningful attributes for machine learning.
This involves extracting indicators such as login frequency, file access patterns, port activity, and geolocation anomalies,
which serve as predictors of potential compromise. These engineered features enhance the quality and granularity of
the models’ learning capability [16].
The ML analytics engine is the intelligence core. It houses various algorithms for classification, clustering, and regression
to detect malicious activity. This includes anomaly detection models that flag deviations from baseline behavior and
supervised models trained on historical breaches. Some platforms also deploy ensemble techniques to improve model
accuracy and reduce false positives [17].
Another essential component is the user interface and visualization dashboard, which presents risk scores, real-time
alerts, and trend analyses to cybersecurity analysts and decision-makers. These dashboards often integrate with
Security Orchestration, Automation, and Response (SOAR) platforms for automated incident handling [18].
Figure 2 A typical system architecture of an AI-powered third-party cyber risk platform, showing the interconnection
between ingestion, processing, modeling, visualization, and response mechanisms
Finally, integration layers with existing tools like SIEM, endpoint protection platforms, and governance risk and
compliance (GRC) software ensure interoperability and scalability. These core components collectively transform AI
risk platforms into real-time guardians of third-party cybersecurity hygiene, bridging gaps left by manual assessments
and static defenses [19].
4.2. Data Ingestion, Feature Engineering, and Anomaly Detection
Effective AI-based third-party cyber risk platforms rely heavily on sophisticated data ingestion and feature engineering
pipelines. These pipelines serve as the foundation upon which anomaly detection and threat attribution mechanisms
are built. The quality, diversity, and timeliness of input data directly affect the accuracy and reliability of AI predictions
[20].
Data ingestion begins with the continuous collection of data from multiple sources. These may include firewall logs,
intrusion detection systems (IDS), vendor access records, endpoint sensors, and cloud service APIs. Additional sources
may encompass identity and access management (IAM) tools, DevOps pipelines, and system health metrics. Stream
processing frameworks like Apache Kafka or Flink are commonly employed to support real-time ingestion, enabling the
detection of fast-moving threats before they propagate across systems [21].
Once collected, this data is passed to feature engineering modules, where it is structured and enriched to provide
meaningful context. Feature engineering may involve aggregating access frequency by user, encoding login time
patterns, or calculating entropy in command-line behavior. Derived metrics such as average dwell time, access deviation
index, or protocol frequency become valuable predictors of risk behavior in vendor environments [22].
Anomaly detection algorithms then analyze these engineered features to flag deviations from expected patterns. These
may include statistical models such as Gaussian Mixture Models (GMM) or K-means clustering, and ML-based
approaches such as Isolation Forests or Autoencoders. For example, if a third-party service account initiates privileged
actions outside of its baseline activity window, the system can trigger alerts and even automate containment actions
[23].
Some platforms also incorporate hybrid detection frameworks combining rule-based thresholds with adaptive learning
algorithms to balance precision and recall. This is crucial in third-party ecosystems, where behavioral baselines may
vary widely between vendors due to differing service roles, geographies, or operational norms [24].
The combination of rigorous data ingestion, advanced feature extraction, and context-aware anomaly detection equips
organizations to detect and respond to potential threats in real-time. It enables cyber teams to move beyond signature-
based models and embrace behavioral insights tailored to the specific risks posed by external entities.
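The hybrid, per-vendor detection described in this section can be sketched as follows. This is an added example, not code from the paper: it pairs one rule (a privileged action outside the account's learned activity window) with one adaptive check (a robust z-score on command-line entropy). The account names, event fields, thresholds and sample events are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

def shannon_entropy(text):
    """Shannon entropy of a string, in bits per character."""
    if not text:
        return 0.0
    n = len(text)
    return -sum((c / n) * math.log2(c / n) for c in Counter(text).values())

def build_baselines(history, min_support=0.01):
    """Learn, per account, its usual hours of activity and its usual command entropy."""
    by_account = defaultdict(list)
    for ev in history:
        by_account[ev["account"]].append(ev)
    baselines = {}
    for account, events in by_account.items():
        hours = Counter(datetime.fromisoformat(e["ts"]).hour for e in events)
        # An hour belongs to the activity window if it carries enough of the history.
        window = {h for h, c in hours.items() if c / len(events) >= min_support}
        entropies = [shannon_entropy(e["command"]) for e in events]
        med = median(entropies)
        mad = median([abs(x - med) for x in entropies])
        # 1.4826 * MAD approximates a standard deviation; the 0.25-bit floor
        # keeps very repetitive accounts from alerting on tiny changes.
        baselines[account] = {"window": window, "entropy_median": med,
                              "entropy_scale": max(1.4826 * mad, 0.25)}
    return baselines

def score_event(baselines, ev, z_threshold=3.5):
    """Return the list of reasons an event is anomalous (empty list means normal)."""
    base = baselines.get(ev["account"])
    if base is None:
        return ["no_baseline"]  # an account never seen before is itself worth review
    reasons = []
    # Rule-based part: privileged action outside this account's own window.
    if ev["privileged"] and datetime.fromisoformat(ev["ts"]).hour not in base["window"]:
        reasons.append("privileged_outside_window")
    # Adaptive part: command entropy far above what this account normally runs.
    z = (shannon_entropy(ev["command"]) - base["entropy_median"]) / base["entropy_scale"]
    if z > z_threshold:
        reasons.append("command_entropy_outlier")
    return reasons

# --- Constructed sample data (hypothetical accounts and commands) ---
BILLING_CMDS = ["systemctl status billing-agent",
                "tail -n 100 /var/log/billing/agent.log",
                "cat /etc/billing/agent.conf"]
BACKUP_CMD = "rsync -a /srv/data /mnt/backup"
HIGH_ENTROPY_CMD = ("agent-cli --blob "
                    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/")

def constructed_history():
    """Ten days of activity: a daytime billing vendor and a night-time backup vendor."""
    start, history = datetime(2025, 3, 3), []
    for day in range(10):
        for hour in range(9, 17):
            ts = (start + timedelta(days=day, hours=hour, minutes=5)).isoformat()
            history.append({"account": "svc-billing-vendor", "ts": ts,
                            "privileged": hour == 9,
                            "command": BILLING_CMDS[(day + hour) % 3]})
        for hour in range(1, 4):
            ts = (start + timedelta(days=day, hours=hour, minutes=5)).isoformat()
            history.append({"account": "svc-backup-vendor", "ts": ts,
                            "privileged": True, "command": BACKUP_CMD})
    return history

if __name__ == "__main__":
    baselines = build_baselines(constructed_history())
    for account, cmd in [("svc-billing-vendor", BILLING_CMDS[0]),
                         ("svc-backup-vendor", BACKUP_CMD)]:
        ev = {"account": account, "ts": "2025-03-14T02:13:00",
              "privileged": True, "command": cmd}
        print(account, score_event(baselines, ev))
```

The same 02:13 privileged action is flagged for the daytime billing account and passes for the backup account, which is the per-vendor baseline variation the section describes.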
4.3. Integrating Open-Source Intelligence (OSINT) and Proprietary Feeds
Integrating Open-Source Intelligence (OSINT) and proprietary threat feeds significantly enhances the threat detection
capabilities of AI-based third-party risk platforms. OSINT refers to publicly available information sources such as threat
forums, CVE repositories, security blogs, leaked credential databases, and social media chatter. These sources offer early
indicators of threat actor intent, emerging malware strains, and compromised vendor accounts [25].
By mining OSINT, AI models can dynamically update threat landscapes and detect correlations between observed
vendor activity and known malicious behaviors. For instance, if a vendor’s IP address is flagged in a threat intelligence
feed for hosting phishing infrastructure, the platform can cross-reference that with internal access logs for rapid threat
attribution.
Proprietary feeds from cybersecurity vendors add another layer of precision. These include curated threat signatures,
threat actor profiles, vulnerability intelligence, and exploit detection frameworks. Combining OSINT with these
commercial datasets provides richer context for predictive models, allowing the system to differentiate between benign
anomalies and credible threats [26].
Effective integration involves aligning OSINT and proprietary feed ingestion with AI feature sets, creating fused
indicators of compromise (IOCs) and enhancing detection logic. This fusion supports pre-emptive defenses and
strengthens situational awareness across third-party ecosystems.
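The feed fusion and log cross-referencing described in this section might look like the sketch below. It is an added example, not code from the paper: indicators from an OSINT and a proprietary feed are merged into fused IOCs, stale entries are dropped, and vendor access-log lines are matched against the result. The feed schema, log format, vendor names, the noisy-OR confidence rule (which assumes the sources are independent) and the 90-day freshness limit are constructed assumptions; all addresses come from the documentation ranges.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# Constructed sample feeds (hypothetical schema).
OSINT_FEED = [
    {"indicator": "203.0.113.45", "tag": "phishing-hosting", "confidence": 0.6, "last_seen": "2025-05-01"},
    {"indicator": "198.51.100.0/28", "tag": "scanner", "confidence": 0.4, "last_seen": "2025-04-28"},
    {"indicator": "192.0.2.77", "tag": "phishing-hosting", "confidence": 0.7, "last_seen": "2024-11-02"},
]
PROPRIETARY_FEED = [
    {"indicator": "203.0.113.45", "tag": "credential-phishing-kit", "confidence": 0.8, "last_seen": "2025-05-02"},
]
# Constructed vendor access log (hypothetical key=value format).
ACCESS_LOG = """\
2025-05-02T08:14:09Z vendor=acme-hvac src=203.0.113.45 action=vpn_login result=success
2025-05-02T08:15:40Z vendor=acme-hvac src=203.0.113.45 action=file_read result=success
2025-05-02T09:02:11Z vendor=northwind-payroll src=198.51.100.7 action=api_call result=success
2025-05-02T09:30:00Z vendor=northwind-payroll src=192.0.2.77 action=api_call result=success
2025-05-02T10:01:00Z vendor=contoso-print src=not-an-ip action=vpn_login result=failure
"""

def fuse_feeds(feeds, now, max_age_days=90):
    """Merge per-source indicators into fused IOCs keyed by network."""
    fused = {}
    for source, entries in feeds.items():
        for e in entries:
            seen = datetime.strptime(e["last_seen"], "%Y-%m-%d").replace(tzinfo=timezone.utc)
            if now - seen > timedelta(days=max_age_days):
                continue  # stale intelligence: addresses get reassigned
            net = ipaddress.ip_network(e["indicator"], strict=False)
            rec = fused.setdefault(net, {"miss": 1.0, "tags": set(), "sources": set()})
            rec["miss"] *= 1.0 - e["confidence"]  # noisy-OR across sources
            rec["tags"].add(e["tag"])
            rec["sources"].add(source)
    return {net: {"confidence": round(1.0 - r["miss"], 3),
                  "tags": sorted(r["tags"]), "sources": sorted(r["sources"])}
            for net, r in fused.items()}

def parse_access_log(text):
    """Yield one dict per log line: the timestamp plus its key=value fields."""
    for line in text.strip().splitlines():
        ts, *pairs = line.split()
        rec = dict(p.split("=", 1) for p in pairs if "=" in p)
        rec["ts"] = ts
        yield rec

def correlate(fused, records, min_confidence=0.5):
    """Match log source addresses against fused IOCs (single IPs and CIDR ranges)."""
    hits = []
    for rec in records:
        try:
            src = ipaddress.ip_address(rec["src"])
        except (KeyError, ValueError):
            continue  # malformed or missing source address
        for net, intel in fused.items():
            if (src.version == net.version and src in net
                    and intel["confidence"] >= min_confidence):
                hits.append({"ts": rec["ts"], "vendor": rec.get("vendor", "unknown"),
                             "src": str(src), "action": rec.get("action"),
                             "indicator": str(net), **intel})
    return hits

def summarize_by_vendor(hits):
    """Roll hits up to one attribution record per vendor."""
    summary = {}
    for h in hits:
        s = summary.setdefault(h["vendor"], {"events": 0, "max_confidence": 0.0, "tags": set()})
        s["events"] += 1
        s["max_confidence"] = max(s["max_confidence"], h["confidence"])
        s["tags"].update(h["tags"])
    return {v: {**s, "tags": sorted(s["tags"])} for v, s in summary.items()}

if __name__ == "__main__":
    now = datetime(2025, 5, 3, tzinfo=timezone.utc)
    fused = fuse_feeds({"osint": OSINT_FEED, "proprietary": PROPRIETARY_FEED}, now)
    print(summarize_by_vendor(correlate(fused, parse_access_log(ACCESS_LOG))))
```

Only the address reported by both feeds clears the default threshold here; the low-confidence scanner range and the stale indicator do not produce an attribution.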
4.4. Role of Natural Language Processing (NLP) in Threat Attribution
Natural Language Processing (NLP) plays a pivotal role in enhancing the analytical depth of AI-based risk platforms,
particularly in the domain of threat attribution. As cyber threat intelligence often resides in unstructured text
(advisories, incident reports, dark web conversations), NLP techniques are used to extract actionable insights and map
them to specific threat actors or campaigns [27].
For example, NLP algorithms can parse vendor audit logs, news articles, or breach disclosures to detect indicators like
threat actor aliases, attack vectors, or exploited CVEs. Named Entity Recognition (NER) and topic modeling help classify
entities such as malware types, attack techniques (e.g., phishing or privilege escalation), and temporal cues that
establish when the threat was observed [28].
Sentiment analysis and semantic similarity models can further identify urgency or credibility within threat narratives.
This is particularly useful when assessing chatter about zero-day vulnerabilities linked to known vendors. Once
processed, this intelligence feeds into attribution engines, allowing security teams to correlate third-party activity with
specific threat campaigns.
Ultimately, NLP bridges the gap between human-readable threat intelligence and machine-driven risk scoring,
transforming textual data into structured knowledge that sharpens attribution accuracy and response prioritization
across complex vendor landscapes [29].
5. Compliance analytics and automated governance
5.1. Overview of Regulatory and Industry Standards
The integration of AI into third-party cyber risk management must align with existing regulatory and industry
frameworks to ensure legal compliance, data integrity, and ethical accountability. Key global standards such as NIST
(National Institute of Standards and Technology), ISO/IEC 27001, GDPR (General Data Protection Regulation), ISO/IEC
42001 and HIPAA (Health Insurance Portability and Accountability Act) set foundational requirements for information
security, risk assessment, privacy, and vendor governance [19].
These frameworks, though diverse in scope, share common goals: to enhance data protection, promote transparency,
and ensure organizational accountability. NIST's Cybersecurity Framework emphasizes risk-based approaches to
identify, detect, respond, and recover from cyber incidents. ISO/IEC 27001 provides a structured information security
management system (ISMS) applicable across sectors. Meanwhile, GDPR mandates explicit data processing controls and
accountability for third-party data handling within the EU. HIPAA, primarily focused on healthcare, outlines stringent
rules for protected health information (PHI), including third-party access and auditing [20].
When applied o AI-d i en pla o ms, hese amewo ks guide how sys ems mus manage da a p i acy, algo i hmic
accoun abili y, and con ol en o cemen . Fo ins ance, GDPR equi es AI models o ensu e explainabili y and p o ide
da a subjec s wi h he igh o access, co ec , o dele e pe sonal da a cons ain s ha in luence bo h model a chi ec u e
and da a e en ion policies [21].
Table 2 Maps each major standard to relevant AI analytics functions

| Framework | Mapped AI Functions |
| --- | --- |
| NIST CSF | Anomaly detection, response automation, risk scoring |
| ISO 27001 | Asset inventory classification, continuous compliance tracking |
| GDPR | Data minimization, explainable AI, consent validation |
| HIPAA | Access logging, PHI encryption modeling, audit trails |
| ISO/IEC 42001 | AI lifecycle governance, algorithmic accountability, bias mitigation, human oversight |

Adhering to these frameworks ensures that AI-enhanced third-party risk platforms support not only advanced analytics
but also regulatory trustworthiness and ethical resilience [22].
5.2. Dynamic Vendor Risk Profiling and Scoring
Dynamic vendor risk profiling is a cornerstone of AI-enabled third-party risk management, offering real-time evaluation
of a vendor’s cybersecurity posture across technical, legal, and operational dimensions. Traditional risk scoring, often
based on annual surveys or subjective assessments, fails to reflect the rapidly changing threat landscape or the evolving
risk behavior of vendors post-onboarding [23].
AI-driven profiling models utilize live telemetry, threat feeds, behavioral baselines, and contextual metadata to create
dynamic and continuously updated vendor risk scores. These scores are calculated based on weighted indicators such
as patch cadence, endpoint security configuration, third-party software exposure, data residency compliance, and
historical incident frequency. Scores can be tailored by criticality level, sector, or data access scope, providing
granularity that enables precision targeting of mitigation efforts [24].
For example, a vendor providing back-end IT services with elevated admin privileges would be assessed differently
from a vendor handling marketing analytics. Risk models assign risk multipliers based on access levels, sectoral risk
(e.g., healthcare or finance), and regional threat vectors, such as geopolitical instability or data sovereignty concerns.
Advanced systems use Bayesian inference and reinforcement learning to refine risk weights as new data becomes
available [25].
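The weighted-indicator scoring with access and sector multipliers described above can be sketched as follows. This is an added example, not code from the article: the weights, multipliers, review threshold and vendor data are constructed assumptions, and a Beta-Bernoulli update of the incident-frequency indicator stands in for the Bayesian refinement the text mentions.

```python
from dataclasses import dataclass

# Constructed weights for the indicators named in the text (assumed values; sum to 1.0).
WEIGHTS = {
    "patch_cadence": 0.30,
    "endpoint_config": 0.20,
    "software_exposure": 0.20,
    "data_residency": 0.10,
    "incident_frequency": 0.20,
}
# Constructed multipliers for access level and sector (assumed values).
ACCESS_MULT = {"admin": 1.5, "standard": 1.0, "read_only": 0.8}
SECTOR_MULT = {"healthcare": 1.3, "finance": 1.3, "marketing": 1.0}


@dataclass
class Vendor:
    name: str
    access: str
    sector: str
    indicators: dict    # measured indicators, each in [0, 1] where 1 is worst
    incidents: int = 0  # review periods in which an incident was recorded
    periods: int = 0    # review periods observed so far


def incident_rate(vendor, prior_a=1.0, prior_b=9.0):
    """Posterior mean incident rate: Beta(prior_a, prior_b) prior updated with
    the vendor's history, so a vendor with no history starts at the prior (0.1)."""
    if not 0 <= vendor.incidents <= vendor.periods:
        raise ValueError("incidents must be between 0 and periods")
    return (prior_a + vendor.incidents) / (prior_a + prior_b + vendor.periods)


def risk_score(vendor):
    """Weighted indicator sum scaled by access and sector multipliers, capped at 100."""
    values = dict(vendor.indicators)
    values["incident_frequency"] = incident_rate(vendor)
    missing = sorted(set(WEIGHTS) - set(values))
    if missing:
        raise ValueError(f"missing indicators: {missing}")
    for key in WEIGHTS:
        if not 0.0 <= values[key] <= 1.0:
            raise ValueError(f"{key} out of range: {values[key]}")
    base = sum(WEIGHTS[k] * values[k] for k in WEIGHTS)
    scaled = 100.0 * base * ACCESS_MULT[vendor.access] * SECTOR_MULT[vendor.sector]
    return min(scaled, 100.0)


def needs_review(vendor, threshold=70.0):
    """Threshold alert: True when the score calls for a policy review."""
    return risk_score(vendor) >= threshold


# Constructed sample data: identical telemetry, different access and sector.
TELEMETRY = {"patch_cadence": 0.6, "endpoint_config": 0.4,
             "software_exposure": 0.5, "data_residency": 0.2}
BACKEND_IT = Vendor("backend-it", "admin", "finance", TELEMETRY, incidents=2, periods=10)
MARKETING = Vendor("marketing-analytics", "read_only", "marketing", TELEMETRY,
                   incidents=2, periods=10)

if __name__ == "__main__":
    for v in (BACKEND_IT, MARKETING):
        print(f"{v.name}: score={risk_score(v):.1f} review={needs_review(v)}")
```

With identical telemetry, the admin-level finance vendor crosses the review threshold while the read-only marketing vendor does not, which is the differential treatment the paragraph describes.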
Integrating this scoring into procurement and compliance processes enables smarter vendor selection and
performance-based contract renewals. Organizations can also set threshold alerts, triggering automated policy reviews
Additionally, AI tools are most effective when coupled with human-in-the-loop oversight. Analysts are essential to
refining model outputs, contextualizing anomalies, and adjusting decision thresholds. AI augments human expertise but
does not replace strategic judgment.
Lastly, early adopters noted that regulatory engagement improved when AI platforms were equipped with
audit-friendly features like explainable models, traceable logs, and compliance dashboards—helping organizations
demonstrate due diligence in third-party risk management and build trust with regulators [41].
9. Limitations, challenges, and ethical considerations
9.1. Data Privacy and AI Transparency Challenges
As organizations deploy AI-driven platforms for third-party cyber risk management, data privacy and transparency
emerge as critical challenges. These systems rely heavily on continuous data ingestion, including logs, network activity,
vendor credentials, and even contract metadata. When handling personally identifiable information (PII) or sensitive
business data, privacy risks increase, particularly in jurisdictions governed by strict frameworks like GDPR and CCPA
[35].
A major concern lies in the opacity of AI models. Complex algorithms, especially deep neural networks, may make
high-impact risk predictions without clear, interpretable logic, which conflicts with legal requirements for algorithmic
explainability and individual rights to contest automated decisions. The lack of transparency also makes it difficult to
audit or validate decisions made by AI about third-party vendors, which can erode stakeholder trust [36].
Additionally, organizations face difficulty in managing data minimization and purpose limitation principles when AI
systems continuously collect telemetry beyond originally intended scopes. These concerns underscore the need for
integrating privacy-by-design principles and explainable AI (XAI) techniques, such as SHAP or LIME, into vendor risk
analytics workflows [37].
Balancing security insights with ethical data governance is essential for compliant, responsible use of AI in third-party
ecosystems, ensuring platforms enhance resilience without compromising privacy.
9.2. Adversarial Attacks and Model Robustness Risks
AI models used in third-party cyber risk platforms are increasingly susceptible to adversarial attacks, which exploit
model weaknesses through manipulated inputs to produce misleading outcomes. In the context of vendor surveillance,
attackers may inject specially crafted data, such as disguised access logs or benign-looking API activity, to bypass
anomaly detection systems [38].
Adversarial machine learning techniques, such as evasion attacks and data poisoning, pose a direct threat to model
robustness. In evasion attacks, threat actors subtly alter input features to fall within acceptable thresholds, deceiving
the AI into classifying malicious behavior as legitimate. Data poisoning involves corrupting training data to misguide
the model during learning, undermining predictive accuracy and increasing false negatives [39].
These vulnerabilities not only reduce detection effectiveness but can also erode trust in automated systems if
unaddressed. Organizations deploying AI tools must therefore implement robustness testing, such as adversarial
training, input validation, and simulation of edge-case scenarios, to strengthen model resilience [40].
Additionally, integrating human review checkpoints and anomaly escalation layers can mitigate the operational risk of
overreliance on fully autonomous systems. As cyber adversaries evolve, defending the AI itself becomes as critical as
using it to defend infrastructure.
9.3. Ethical Use of AI in Vendor Surveillance
While AI tools significantly enhance third-party risk visibility, they also raise important concerns about the ethical
boundaries of surveillance, especially when applied to vendors, contractors, and small service providers. Unlike internal
employee monitoring, vendor surveillance often lacks clearly defined consent frameworks and may encroach upon
contractual or jurisdictional boundaries [41].
The ethical dilemma intensifies when AI is used to analyze behavioral patterns, geolocation data, or communication logs
from third-party systems. Without mutual agreement or transparent disclosure, such practices can be seen as intrusive
or disproportionate, particularly when vendors are smaller entities with limited capacity to challenge terms or practices
[42].
Additionally, AI-driven surveillance can perpetuate bias if models flag specific vendors more frequently based on
geographic or sectoral factors embedded in the training data. This could lead to discriminatory scrutiny, uneven risk
scoring, or exclusion from contracts, raising questions about fairness and due process in automated vendor management
systems [43].
To mitigate these risks, organizations must adopt AI ethics charters, involve legal and compliance teams in surveillance
design, and offer vendors avenues for recourse or clarification. Embedding fairness, proportionality, and transparency
into AI governance ensures that the pursuit of cyber resilience does not come at the expense of ethical integrity.
10. Future trends in AI-driven third-party risk management
10.1. Predictive Governance and Digital Supply Chain Twins
As third-party cyber risks grow more complex, the concept of predictive governance, leveraging AI to foresee
disruptions, compliance lapses, or breaches before they occur, is gaining traction. A cornerstone of this approach is the
implementation of digital supply chain twins, virtual replicas of real-world vendor ecosystems that simulate
operational, technical, and geopolitical risk scenarios in real time [38].
These twins aggregate data from internal telemetry, vendor portals, and external threat intelligence feeds to create a
dynamic map of third-party interdependencies. By running simulations through AI algorithms, organizations can model
what-if scenarios, such as how a regulatory failure or infrastructure outage at a key vendor would cascade through the
enterprise. This forward-looking analysis supports proactive mitigation, SLA renegotiation, and budget allocation for
resilience upgrades [39].
Digital twins also enhance incident planning and resource optimization. For example, if a supplier in a high-risk zone
shows increased latency and API error rates, the twin can forecast potential data availability issues or service-level
breaches. This level of continuous, AI-enabled foresight strengthens vendor governance and makes supply chain
oversight more adaptive to real-world changes [40].
By aligning predictive governance with digital simulation, enterprises create an integrated framework that supports
early intervention, resource efficiency, and resilient procurement strategies—moving risk management from reactive
defense to proactive orchestration.
10.2. Federated Learning and Privacy-Preserving Risk Modeling
Figure 5 A conceptual model where AI agents embedded across enterprise networks collaboratively contribute to
decentralized model updates. Risk signals such as access violations or abnormal vendor behavior are processed locally
and anonymized before contributing to broader risk scoring engines
Federated learning (FL) represents a groundbreaking shift in AI-based third-party risk modeling by enabling
collaborative intelligence without data centralization. In contrast to traditional models that aggregate sensitive vendor
data into a central repository, FL allows individual organizations to train models locally on their own datasets while
sharing only model parameters with a central orchestrator [41].
This decentralized approach significantly enhances privacy and data sovereignty, especially in regulated sectors like
healthcare and finance, where cross-border data transfers may violate jurisdictional laws. With federated learning, risk
models can learn from a broad network of enterprise environments, each contributing to model robustness without
exposing raw telemetry or contract details [42].
In a federated ecosystem, updates from each organization are aggregated using secure multiparty computation or
homomorphic encryption techniques, preserving confidentiality throughout the training cycle. The resulting global
model reflects diverse third-party risk profiles, enabling more generalizable and equitable threat detection across
varied supply chain contexts [43].
By integrating FL into cyber risk platforms, organizations achieve a rare trifecta: enhanced model accuracy, compliance
with privacy regulations, and broader insight into evolving threats without compromising proprietary or sensitive
information.
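One way the aggregation step above can keep individual updates hidden from the orchestrator is pairwise additive masking, a simple form of secure multiparty aggregation. The sketch below is an added example, not code from the article: the organisation names, weight deltas, modulus, fixed-point scale and demo seeds are all constructed assumptions.

```python
import hashlib

MOD = 2 ** 32    # masked values live in the integers modulo MOD
SCALE = 10_000   # fixed-point scale: four decimal places per weight


def encode(update):
    """Fixed-point encode a list of float weight deltas into integers mod MOD."""
    return [round(x * SCALE) % MOD for x in update]


def pair_mask(seed, dim):
    """Expand a pairwise shared seed into `dim` pseudorandom mask values."""
    return [int.from_bytes(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()[:8],
                           "big") % MOD for i in range(dim)]


def mask_update(org, update, peer_seeds):
    """Add the mask for every peer that sorts after `org`, subtract it for every
    peer that sorts before, so each pair's masks cancel in the server's sum."""
    masked = encode(update)
    for peer, seed in peer_seeds.items():
        sign = 1 if org < peer else -1
        for i, m in enumerate(pair_mask(seed, len(update))):
            masked[i] = (masked[i] + sign * m) % MOD
    return masked


def aggregate(masked_updates):
    """Server side: sum the masked vectors, decode, and average (equal weights).
    The server never handles an unmasked update."""
    n, dim = len(masked_updates), len(masked_updates[0])
    averaged = []
    for i in range(dim):
        total = sum(u[i] for u in masked_updates) % MOD
        if total > MOD // 2:          # map back to a signed value
            total -= MOD
        averaged.append(total / SCALE / n)
    return averaged


def demo_seeds(names):
    """Constructed pairwise seeds for the demo only; a deployment would derive
    each one through an authenticated key agreement between the two parties."""
    seeds = {n: {} for n in names}
    for a in names:
        for b in names:
            if a < b:
                s = hashlib.sha256(f"demo-seed:{a}:{b}".encode()).digest()
                seeds[a][b] = seeds[b][a] = s
    return seeds


# Constructed local model updates (weight deltas) from three organisations.
UPDATES = {
    "bank":     [0.12, -0.40, 0.05],
    "hospital": [0.30, -0.10, -0.25],
    "utility":  [-0.06, 0.20, 0.50],
}
SEEDS = demo_seeds(list(UPDATES))
MASKED = {org: mask_update(org, upd, SEEDS[org]) for org, upd in UPDATES.items()}
GLOBAL_UPDATE = aggregate(list(MASKED.values()))

if __name__ == "__main__":
    print("bank sends:", MASKED["bank"])      # looks random to the orchestrator
    print("global update:", GLOBAL_UPDATE)    # equals the plain average
```

The masks cancel only when every participant's vector arrives; if one organisation drops out mid-round the sum is unusable, so production protocols add a recovery step for missing parties.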
10.3. Integration with Blockchain for Immutable Compliance Records
The integration of blockchain technology with AI-based third-party risk management introduces a new paradigm in
compliance accountability. Blockchain’s inherent immutability and transparency make it an ideal mechanism for
recording vendor compliance actions, audit logs, and risk events in a tamper-proof ledger [44].
Each step in the vendor lifecycle, from onboarding and contract approval to anomaly detection and remediation, can be
encoded as a timestamped transaction. Smart contracts can automate compliance workflows by triggering specific
actions (e.g., access suspension or audit initiation) when predefined risk thresholds are breached. This real-time
enforcement fosters trust among stakeholders while ensuring verifiable audit trails for regulators [45].
For enterprises operating across jurisdictions, blockchain provides a single source of truth that satisfies cross-border
compliance and internal governance requirements. Moreover, vendors themselves can access these records to dispute
risk assessments or demonstrate remediation progress, promoting transparency and fairness.
When paired with AI, blockchain ensures that risk scoring, model decisions, and corrective actions are not only accurate
but also accountable and traceable. This synergy strengthens resilience and governance in increasingly decentralized,
high-risk digital ecosystems, bridging the gap between automation, privacy, and institutional integrity [46].
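The tamper-evidence property and the threshold-triggered action described in this section can be shown with a single-writer hash chain. This is an added example, not code from the article and not a distributed blockchain: the class, event names, threshold of 80 and the vendor lifecycle records are constructed assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64
FIELDS = ("index", "ts", "vendor", "event", "data", "prev")


def entry_hash(entry):
    """SHA-256 over a canonical JSON encoding of every field except the hash."""
    body = {k: entry[k] for k in FIELDS}
    blob = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


class ComplianceLedger:
    def __init__(self, suspend_threshold=80):
        self.entries = []
        self.suspend_threshold = suspend_threshold

    def append(self, ts, vendor, event, data):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        entry = {"index": len(self.entries), "ts": ts, "vendor": vendor,
                 "event": event, "data": data, "prev": prev}
        entry["hash"] = entry_hash(entry)
        self.entries.append(entry)
        return entry

    def record_score(self, ts, vendor, score):
        """Record a score; like the smart-contract rule in the text, a breach of
        the threshold appends the enforcement action in the same step."""
        self.append(ts, vendor, "risk_score", {"score": score})
        if score >= self.suspend_threshold:
            self.append(ts, vendor, "access_suspended",
                        {"rule": "score>=threshold", "threshold": self.suspend_threshold})
            return "access_suspended"
        return None

    def verify(self):
        """Return the index of the first entry that fails verification, or -1."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["index"] != i or e["prev"] != prev or e["hash"] != entry_hash(e):
                return i
            prev = e["hash"]
        return -1


def build_demo():
    """Constructed vendor lifecycle: onboarding, two scores, remediation."""
    ledger = ComplianceLedger(suspend_threshold=80)
    ledger.append("2025-01-10T09:00:00Z", "vendor-a", "onboarded", {"contract": "C-001"})
    ledger.record_score("2025-02-01T00:00:00Z", "vendor-a", 42)
    ledger.record_score("2025-03-01T00:00:00Z", "vendor-a", 85)   # triggers suspension
    ledger.append("2025-03-05T14:30:00Z", "vendor-a", "remediated", {"ticket": "T-17"})
    return ledger


if __name__ == "__main__":
    ledger = build_demo()
    print([e["event"] for e in ledger.entries], "verify:", ledger.verify())
    ledger.entries[2]["data"]["score"] = 40          # after-the-fact edit
    print("after tampering, first bad entry:", ledger.verify())
```

A hash chain on its own does not reveal truncation of the newest entries or a complete rewrite by whoever holds the log; distributed consensus, or publishing the latest hash to an independent party, is what closes that gap.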
11. Conclusion
11.1. Summary of Key Findings
This article has explored the evolution of AI-powered systems in managing third-party cyber risks within complex,
interconnected digital ecosystems. It examined the limitations of static assessments and highlighted how advanced
machine learning models such as Random Forest, XGBoost, and neural networks enhance real-time threat detection and
dynamic risk profiling. Sector-specific applications in healthcare, finance, and energy demonstrated AI’s contextual
versatility, while integration with GRC and SIEM platforms facilitated operational interoperability. Key challenges,
including data privacy, adversarial attacks, and ethical concerns, were addressed alongside emerging innovations like
federated learning and blockchain for decentralized compliance. Metrics such as MTTD, MTTR, and risk score variance
were identified as essential for evaluating AI effectiveness. Through predictive governance, continuous control
monitoring, and digital supply chain twins, AI platforms are reshaping vendor risk oversight from reactive to proactive.
Collectively, these findings underscore the transformative potential of AI in fortifying enterprise resilience and aligning
cybersecurity strategies with evolving regulatory and operational realities.
11.2. Strategic Recommendations for Implementation
To effectively implement AI-driven third-party cyber risk platforms, organizations should begin by aligning internal
stakeholders (IT, legal, procurement, and compliance) under a unified governance framework. They must prioritize data
quality and interoperability by integrating AI tools with existing GRC, SIEM, and IAM systems. Investment in explainable
AI is crucial for ensuring regulatory compliance and stakeholder trust, especially in highly regulated sectors. Model
training should incorporate diverse, context-rich data sources, with special attention to bias mitigation and
sector-specific calibration. Organizations should adopt a layered defense strategy that blends real-time anomaly detection with
long-term risk prediction and incorporates human oversight at key decision points. Regular audits of AI decision logs
and integration of adversarial testing will help validate performance and robustness. Lastly, piloting federated learning
and blockchain components can elevate privacy and accountability while scaling risk intelligence across diverse vendor
networks. A phased, modular deployment approach will ensure measurable impact and operational scalability.
11.3. Final Remarks on the Role of AI in Cyber Risk Governance
AI is no longer a theoretical add-on in cybersecurity; it is a foundational component of modern risk governance. Its ability
to ingest, process, and interpret complex data at scale makes it uniquely capable of addressing the evolving threat
landscape posed by third-party relationships. From dynamic risk scoring to predictive governance and immutable
compliance, AI offers a multidimensional toolkit for securing digital ecosystems. As enterprises grow increasingly
interconnected and exposed, leveraging AI responsibly and strategically will be key to building adaptive, transparent,
and resilient cyber risk management frameworks for the future.
Compliance with ethical standards
Disclosure of conflict of interest
No conflict of interest to be disclosed.
References
[1] Johnson B. Artificial Intelligence and Cybersecurity in Banking Sector: Opportunities and Risks.
[2] Ekolama SM, Ebregbe D. Application of Artificial Intelligence (AI) Model to Mitigate Security threats of Internet
of Things (IoT): A Review.
[3] Adepoju Adekola George, Adepoju Daniel Adeyemi. Biomarker discovery in clinical biology enhances early
disease detection, prognosis, and personalized treatment strategies. Department of Health Informatics, Indiana
University Indianapolis, Indiana, USA; 2024. doi: https://doi.org/10.5281/zenodo.15244690
[4] Hussain D, Hajja L. Cybersecurity and Big Data Analytics: Strategies for Securing Business Intelligence in the
Digital Era.
[5] George S. Artificial Intelligence-Powered Cybersecurity: The Future of How Threats Are Detected and Responded.
In Leveraging Large Language Models for Quantum-Aware Cybersecurity 2025 (pp. 247-276). IGI Global Scientific
Publishing.
[6] Chukwunweike Joseph, Salaudeen Habeeb Dolapo. Advanced Computational Methods for Optimizing Mechanical
Systems in Modern Engineering Management Practices. International Journal of Research Publication and
Reviews. 2025 Mar;6(3):8533-8548. Available from: https://ijrpr.com/uploads/V6ISSUE3/IJRPR40901.pdf
[7] Goffer MA, Uddin MS, Hasan SN, Barikdar CR, Hassan J, Das N, Chakraborty P, Hasan R. AI-Enhanced Cyber Threat
Detection and Response Advancing National Security in Critical Infrastructure. Journal of Posthumanism. 2025
Apr 17;5(3):1667-89.
[8] Radanliev P, De Roure D, Maple C, Nurse JR, Nicolescu R, Ani U. AI security and cyber risk in IoT systems. Frontiers
in Big Data. 2024 Oct 10;7:1402745.
[9] Tanikonda A, Pandey BK, Peddinti SR, Katragadda SR. Advanced AI-Driven Cybersecurity Solutions for Proactive
Threat Detection and Response in Complex Ecosystems. Journal of Science & Technology. 2022 Jan;3(1).
[10] Ugwueze VU, Chukwunweike JN. Continuous integration and deployment strategies for streamlined DevOps in
software engineering and application delivery. Int J Comput Appl Technol Res. 2024;14(1):1–24.
doi:10.7753/IJCATR1401.1001.
[11] Ba u GG. AI-Driven Data Analytics in Custody Services: Enhanced Reporting, Compliance, and Risk Management.
[12] Shaffi SM, Vengathattil S, Sidhick JN, Vijayan R. AI-Driven Security in Cloud Computing: Enhancing Threat
Detection, Automated Response, and Cyber Resilience. arXiv preprint arXiv:2505.03945. 2025 May 6.
[13] Ejedegba Emmanuel. Innovative solutions for food security and energy transition through sustainable fertilizer
production techniques. World Journal of Advanced Research and Reviews. 2024 Dec;24(3):1679–1695. Available
from: https://doi.org/10.30574/wjarr.2024.24.3.3877
[14] Rangaraju S. Ai sentry: Reinventing cybersecurity through intelligent threat detection. EPH-International Journal
of Science And Engineering. 2023 Dec 1;9(3):30-5.
[15] Olutimehin AT. Advancing cloud security in digital finance: AI-driven threat detection, cryptographic solutions,
and privacy challenges. Cryptographic Solutions, and Privacy Challenges (February 13, 2025). 2025 Feb 13.
[16] Adegboye O. Integrating renewable energy in battery gigafactory operations: Techno-economic analysis of
net-zero manufacturing in emerging markets. World J Adv Res Rev. 2023;20(02):1544–1562. doi:
https://doi.org/10.30574/wjarr.2023.20.2.2170.
[17] Kayode-Ajala O. Applications of Cyber Threat Intelligence (CTI) in financial institutions and challenges in its
adoption. Applied Research in Artificial Intelligence and Cloud Computing. 2023 Aug 4;6(8):1-21.
[18] Kolha A. Future Trends and Innovation in Machine Intelligence for Cyber Risk Management. In Machine
Intelligence Applications in Cyber-Risk Management 2025 (pp. 415-438). IGI Global Scientific Publishing.
[19] Paul F. AI-Powered Threat Detection in Hybrid and Multi-Cloud Environments: Overcoming Security Challenges.
[20] Emmanuel Ochuko Ejedegba ‘INTEGRATED STRATEGIES FOR ENHANCING GLOBAL FOOD SECURITY AMID
SHIFTING ENERGY TRANSITION CHALLENGES’, International Journal of Engineering Technology Research &
Management (ijetrm), (2024) 08(12). doi: 10.5281/zenodo.14502251.
[21] Chinta PC, Jha KM, Velaga V, Moore C, Routhu K, Sadaram G. Harnessing Big Data and AI-Driven ERP Systems to
Enhance Cybersecurity Resilience in Real-Time Threat Environments. Available at SSRN 5151788. 2024.
[22] Ake A. Enhancing US energy sector performance through advanced data-driven analytical frameworks. Int J Res
Publ Rev. 2024 Dec;5(12):3336-56. Available from: https://doi.org/10.55248/gengpi.5.1224.250111
[23] Jeyachandran P. Implementing AI-Driven Strategies for First-and Third-Party Fraud Mitigation. Available at SSRN
5076791. 2024 Jul 3.
[24] Kshetri N. Transforming cybersecurity with agentic AI to combat emerging cyber threats. Telecommunications
Policy. 2025 Apr 22:102976.
[25] Enemosah A, Chukwunweike J. Next-Generation SCADA Architectures for Enhanced Field Automation and
Real-Time Remote Control in Oil and Gas Fields. Int J Comput Appl Technol Res. 2022;11(12):514–29.
doi:10.7753/IJCATR1112.1018.
[26] Chukwunweike J, Lawal OA, Arogundade JB, Alade B. Navigating ethical challenges of explainable AI in
autonomous systems. International Journal of Science and Research Archive. 2024;13(1):1807–19.
doi:10.30574/ijsra.2024.13.1.1872. Available from: https://doi.org/10.30574/ijsra.2024.13.1.1872.
[27] Paul F, Al-Farsi Y. Automating Compliance Management with AI-Powered Risk Assessment Models.
[28] Olanrewaju AG, Ajayi AO, Pacheco OI, Dada AO, Adeyinka AA. AI-driven adaptive asset allocation: A machine
learning approach to dynamic portfolio optimization in volatile financial markets. Int J Res Finance Manag.
2025;8(1):320-32. Available from: https://www.doi.org/10.33545/26175754.2025.v8.i1d.451
[29] Ayodele OF, Adelaja AO. Advancing Cybersecurity Governance: Adaptive Resilience and Strategic Third-Party
Risk Management in Financial Services.
[30] Ejedegba Emmanuel Ochuko. Synergizing fertilizer innovation and renewable energy for improved food security
and climate resilience. Global Environmental Nexus and Green Policy Initiatives. 2024 Dec;5(12):1–12. Available
from: https://doi.org/10.55248/gengpi.5.1224.3554
[31] Salako AO, Fabuyi JA, Aideyan NT, Selesi-Aina O, Dapo-Oyewole DL, Olaniyi OO. Advancing information
governance in AI-driven cloud ecosystem: Strategies for enhancing data security and meeting regulatory
compliance. Asian Journal of Research in Computer Science. 2024 Dec 7;17(12):66-88.
[32] Olanrewaju AG. Artificial Intelligence in Financial Markets: Optimizing Risk Management, Portfolio Allocation,
and Algorithmic Trading. Int J Res Publ Rev. 2025 Mar;6(3):8855-70. Available from:
https://doi.org/10.55248/gengpi.6.0325.12185
[33] Ok E. Addressing Security Challenges in AI-Driven Cloud Platforms: Risks and Mitigation Strategies.
[34] Adegboye Omotayo Abayomi. Development of a pollution index for ports. Int J Sci Res Arch. 2021;2(1):233–258.
Available from: https://doi.org/10.30574/ijsra.2021.2.1.0017
[35] Dhruvitkumar VT. Enhancing data security and regulatory compliance in AI-driven cloud ecosystems: Strategies
for advanced information governance.
[36] Adegboye Omotayo, Arowosegbe Oluwakemi Betty, Prosper Olisedeme. AI Optimized Supply Chain Mapping for
Green Energy Storage Systems: Predictive Risk Modeling Under Geopolitical and Climate Shocks 2024.
International Journal of Advance Research Publication and Reviews. 2024 Dec;1(4):63-86. Available from:
https://ijarpr.com/uploads/V1ISSUE4/IJARPR0206.pdf
[37] Jaggi K. Advancing Cybersecurity Strategies: Balancing Threat Detection, Compliance, and Resilient
Architectures. Compliance, and Resilient Architectures (February 04, 2025). 2025 Feb 4.
[38] Ejedegba Emmanuel Ochuko. Advancing green energy transitions with eco-friendly fertilizer solutions
supporting agricultural sustainability. International Research Journal of Modernization in Engineering,
Technology and Science. 2024 Dec;6(12):1970. Available from: https://www.doi.org/10.56726/IRJMETS65313
[39] Ofili BT, Obasuyi OT, Osaruwenese E. Threat intelligence and predictive analytics in USA cloud security:
mitigating AI-driven cyber threats. Int J Eng Technol Res Manag. 2024 Nov;8(11):631.
[40] Mbah GO, Evelyn AN. AI-powered cybersecurity: Strategic approaches to mitigate risk and safeguard data
privacy.
[41] Ofili BT, Erhabor EO, Obasuyi OT. Enhancing Federal Cloud Security with AI: Zero Trust, Threat Intelligence, and
CISA Compliance. World Journal of Advanced Research and Review. 2025.
[42] Paul F. The Future of Cloud Security: AI-Powered Predictive Analytics for Proactive Threat Management.
[43] Adeyeye OJ, Akanbi I, Emeteveke I, Emehin O. Leveraging secured AI-driven data analytics for cybersecurity:
Safeguarding information and enhancing threat detection. International Journal of Research and Publication and
Reviews. 2024;5(10):3208-23.
[44] Clement M. Ethical and Legal Risks in AI-Powered Compliance Systems.
[45] Kaul D. AI-Powered Autonomous Compliance Management for Multi-Region Data Governance in Cloud
Deployments. Journal of Current Science and Research Review. 2024 Dec 19;2(03):82-98.
[46] Mohammed A. Elevating Cybersecurity Audits: How AI is Shaping Compliance and Threat Detection. Aitoz
Multidisciplinary Review. 2023 Apr 6;2(1):35-43.