Over half (54%) of Chief Information Security Officers (CISOs) feel their security team is unprepared for evolving AI-powered threats, according to research from Absolute Security.
The findings were uncovered in the Absolute Security United Kingdom CISO Cyber Resilience Report 2024 which surveyed 250 UK CISOs at enterprise organisations, via an independent polling agency Censuswide, to assess the state of cyber resilience, AI, and the cyber threat landscape in the UK.
NCSC findings
According to the NCSC, AI will ‘almost certainly’ make cyber attacks against the UK more impactful, because threat actors will be able to analyse exfiltrated data faster and more effectively and use it to train AI models.
Almost half (46%) of CISOs believe that AI is more of a threat to their organisation’s cyber resilience than a help, highlighting AI as a potential danger in safeguarding organisations from cyber threats, rather than strengthening cyber resilience.
Dangers due to AI
39% of CISOs have personally stopped using AI due to fears of a cyber breach
Additionally, 39% of CISOs have personally stopped using AI due to fears of a cyber breach, and 44% have banned AI use by employees at their organisation due to fears of a cyber breach.
Andy Ward, VP of International of Absolute Security, said, “Our research has highlighted the significant danger posed by evolving AI threats, and we urge organisations to strengthen their cyber resilience structures to cope."
AI-driven cyber threats
"As AI-driven cyber threats continue to advance in complexity, proactive measures are essential to safeguard sensitive data assets and mitigate the associated risks."
“Although this report highlights how AI offers positive opportunities for organisations in terms of workforce development, updating and prioritising a policy of cyber resilience should be a top priority, not an afterthought. The repercussions of a breach, which can compromise both customer and employee data, can inflict irreparable damage."
Need for a robust framework
"Therefore, organisations should focus on threat protection, deterring attacks, and preparing to defend against cyber threats."
"Achieving this requires clear visibility and effective control over networks, along with a robust framework to improve network supervision and establish a solid defensive stance. Organisations must leverage AI for competitive advantage, while simultaneously strengthening cybersecurity defences to prevent potential vulnerabilities.”
Positives of AI
On the other hand, a higher percentage of CISOs see AI in a positive light, with 77% of CISOs stating that AI has filled the cybersecurity skills gap. Furthermore, 85% of CISOs stated that their C-Suite has been sent on AI training courses.
There has been a clear shift towards AI and a growing recognition of its importance in strengthening cyber resilience, with 83% of CISOs prioritising the hiring of AI experts in 2023-2024.
