Poor CEO grasp of threats and critical need for investment

Major increase in cyberattacks from deep fake AI technologies expected… but leaders lack both understanding of threats and urgent need to invest in protection.

  • Tuesday, 31st October 2023 Posted 1 year ago in by Phil Alsop

Research by OnePoll and Gemserv, the leading cybersecurity consultancy, reveals that companies must upgrade their systems now as AI threatens to make cyber-attacks more sophisticated.

Knowledge and information gaps are emerging as critical challenges, particularly for Chief Information Security Officers (CISOs), as the cyber threat landscape is expected to become increasingly volatile, further exacerbated by this year's geopolitical tensions.

In their report titled "Through the Cyber Lens: The Evolving Future of Cyber Security", the study surveys 200 CISOs across the United Kingdom and Europe, assessing the readiness of CISOs to confront their evolving challenges, particularly those stemming from the rise of AI innovation, while also exploring their expectations for the future.

Generative AI and Emerging Threats: The Perilous Path Ahead

The survey reveals that 38% of respondents anticipate a significant increase in cyberattacks utilising deep fake AI technologies over the next five years, with an additional 45% expecting a moderate rise. In total, a striking 83% of respondents believe that generative AI will play a more prominent role in cyberattacks. However, a mere 16% of respondents consider their organisations to have an excellent understanding of these advanced AI tools.

Mandeep Thandi, Director of Cyber and Privacy at Gemserv, commented on the research findings: "As the AI revolution transforms the landscape of cybersecurity, CISOs stand at the forefront of this change. AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations against the volatile cyber threat landscape."

A New Barrage of challenges: Preparing for Emerging Threats & The Need for Vigilance

The ever-evolving cyber threat landscape presents CISOs with the formidable challenge of predicting and preparing for attacks. Information and budgetary resources are essential for adequate preparation. However, the survey reveals concerning statistics:

• 69% of organisations lack access to either SIEM tooling or cyber threat intelligence, with 8% having neither.

• 78% of CISOs believe the cyber threat landscape will become more complex and challenging over the next 12 months.

• A significant 83% of CISOs expect to see more cyber-attacks using generative AI tools.

In this environment of uncertainty, CISOs face challenges in securing adequate budgets, making informed decisions, and recruiting and retaining the right talent. These hurdles underscore the urgency of investing in cybersecurity resources, including robust cyber threat intelligence, as a proactive measure to combat evolving threats.

When it comes to advising key stakeholders within their organisations, the research reveals that 63% of CISOs feel that their senior leadership lacks a comprehensive understanding of the imminent cybersecurity and privacy threats. Moreover, 69% of European CISOs and 61% of UK CISOs report a deficiency in cyber threat intelligence (CTI), hindering their ability to prioritise budgets and inform their boards about impending threats.

Mandeep Thandi emphasised the importance of CTI, stating, "CTI is vital for organisations as it provides proactive insights into potential cyber threats, enabling timely identification, risk assessment, and tailored defence strategies. It empowers organisations to stay ahead of adversaries, enhance incident response, and continuously improve their cybersecurity posture in the face of evolving cyber risk."

New Regulations: A Ray of Regulatory Hope

Amidst these challenges, new regulations are on the horizon. The European Union's (EU) AI Act and the UK's Data Protection and Digital Information (DPDI) Bill are set to reshape the regulatory landscape. These regulations aim to clarify, manage risks, and strengthen rules around data quality, transparency, human oversight, and accountability.

A notable 82% of CISOs believe these new regulations will support their organisations' growth and expansion of services. The EU's AI Act, in particular, distinguishes between high-risk and low-risk AI tools, ensuring that organisations maintain high standards of transparency and security.

A Call for Resources and Resilience

In conclusion, the survey offers a sobering glimpse into the world of CISOs tasked with safeguarding digital landscapes amidst a barrage of challenges. While CISOs demonstrate unwavering resilience, the need for additional resources and support is palpable. Budget constraints, talent shortages, communication gaps, and evolving cyber threats underscore the urgency of fortifying cybersecurity efforts.

The cybersecurity landscape is ever-changing, and as threats evolve, so must our commitment to equipping CISOs with the resources they need to protect our digital future.