AI looms large in security landscape

Splunk, in collaboration with Enterprise Strategy Group, has released the “State of Security 2024: The Race to Harness AI” global research report. A total of 1,650 security leaders participated in the global survey, with many reporting that cybersecurity has become easier to manage compared to past years. However, cybersecurity defenders now find themselves in a race against adversaries to harness generative AI (Gen AI).

  • Wednesday, 1st May 2024 Posted 7 months ago in by Phil Alsop

According to the report, organizations have heavily adopted Gen AI tools within their teams. Compared to organizations that are still developing a cybersecurity program, those with advanced approaches have significant budgets, resources, and authority and are well-positioned to embrace cutting-edge Gen AI tools and technologies. However, despite this widespread adoption, many organizations lack a clear Gen AI policy or full grasp of the technology’s broader implications. Furthermore, cybersecurity leaders are divided on who will gain the upper hand in leveraging Gen AI tools: cybersecurity defenders or threat actors.

93% of security leaders said public Gen AI was in use across their respective organizations, and 91% reported using Gen AI specifically for cybersecurity operations.

Despite high adoption, 34% of surveyed organizations say they do not have a Gen AI policy in place, and 65% of respondents admit to not fully understanding the implications of Gen AI.

44% of respondents rank generative AI as a top initiative in 2024, surpassing cloud security as the top initiative.

Cybersecurity leaders are split over who has the advantage when it comes to Gen AI. While 45% of respondents believe Gen AI will be a net win for threat actors, 43% said Gen AI will give cybersecurity defenders the edge.

“We are in an AI gold rush, with bad actors and security professionals both trying to seize the advantage,” said Patrick Coughlin, SVP, Global Technical Sales, Splunk. “The introduction of Gen AI creates new opportunities for organizations to streamline processes, increase productivity, and limit staff burnout. Unfortunately, Gen AI also presents unprecedented advantages for threat actors. To combat this new threat landscape, defenders must outpace threat actors in the race to harness and securely deploy the power of Gen AI.”

Cybersecurity hiring has proven to be a considerable challenge in recent years, especially for entry-level workers seeking to break into the industry. Our report indicates that Gen AI is a possible solution to this problem as it helps organizations discover and onboard entry-level talent more efficiently. Additionally, the majority of cybersecurity professionals anticipate that Gen AI will enhance their speed and productivity.

86% of cybersecurity leaders say Gen AI can enable them to hire more entry-level talent to fill the skills gap.

58% say onboarding entry-level talent will be quicker thanks to Gen AI.

90% of security executives believe entry-level talent can lean on Gen AI to develop their skills in the Security Operations Center (SOC).

65% believe the technology will help seasoned cybersecurity professionals become more productive.

The majority of security professionals are also facing growing compliance pressures. The implementation of stricter compliance requirements has significantly raised the stakes, particularly for security leaders who may personally face repercussions for the organizations’ violations. This changing compliance landscape underscores the need for increased vigilance and accountability within the security sector.

76% of respondents say personal liability has made cybersecurity a less attractive field, and 70% have considered leaving the field due to job-related stress.

62% of professionals report having already been impacted by changing compliance mandates requiring disclosure of material breaches. Meanwhile, 86% of security professionals say they will shift budgets to prioritize meeting compliance regulations over security best practices.

Many respondents also expect their organizations to be more risk-averse, with 63% expecting that organizations will err on the side of caution and overreport breaches as material to avoid penalties.

Beacon, NY, Dec 20, 2024– DocuWare unveils its AI-powered Intelligent Document Processing (DocuWare IDP), bringing about unprecedented improvements...
85% of IT decision makers surveyed reported progress in their companies’ 2024 AI strategy, with 47% saying they have already achieved positive ROI.

MSPs will invest in more AI security forecasting

Posted 1 week ago by Phil Alsop
Predictive maintenance and forecasting for security and failures will be a growing area for MSPs with an interest in security, says Nicole Reineke,...

Machine identities next big target for cyberattacks

Posted 1 week ago by Phil Alsop
Venafi has published the findings of its latest research report: The Impact of Machine Identities on the State of Cloud Native Security in 2024....
Nearly 50% of organisations have experienced a security breach in the last two years.

IT professionals recognise lack of gender diversity

Posted 1 week ago by Phil Alsop
The majority (87 percent) of IT professionals agree that there is a lack of gender diversity in the sector, yet less than half (41 percent) of...

A moving landscape for MSPs

Posted 1 week ago by Phil Alsop
2025 predictions from Ranjan Singh, chief product officer at Kaseya.

Data breach epidemic takes its toll

Posted 1 week ago by Phil Alsop
New study by Splunk shows that a significant number of UK CISOs are stressed, tired, and aren’t getting adequate time to relax.