Over half (54%) of Chief Information Security Officers (CISOs) feel their security team are unprepared for evolving AI-powered threats, according to research from Absolute Security.
The findings were uncovered in the Absolute Security United Kingdom CISO Cyber Resilience Report 2024 which surveyed 250 UK CISOs at enterprise organisations, via independent polling agency Censuswide, to assess the state of cyber-resilience, AI and the cyberthreat landscape in the UK.
According to the NCSC, AI will ‘almost certainly’ make cyberattacks against the UK more impactful, because threat actors will be able to analyse exfiltrated data faster and more effectively and use it to train AI models.
Almost half (46%) of CISOs believe that AI is more of a threat to their organisation’s cyber-resilience than a help, highlighting AI as a potential danger in safeguarding organisations from cyberthreats, rather than strengthening cyber-resilience.
Additionally, 39% of CISOs have personally stopped using AI due to fears of a cyberbreach, and 44% have banned AI use by employees at their organisation due to fears of a cyberbreach.
Andy Ward, VP International of Absolute Security, said: “Our research has highlighted the significant danger posed by evolving AI threats, and we urge organisations to strengthen their cyber-resilience structures to cope. As AI-driven cyberthreats continue to advance in complexity, proactive measures are essential to safeguard sensitive data assets and mitigate the associated risks.
“Although this report highlights how AI offers positive opportunities for organisations in terms of workforce development, updating and prioritising a policy of cyber-resilience should be a top priority, not an afterthought. The repercussions of a breach, which can compromise both customer and employee data, can inflict irreparable damage.
“Therefore, organisations should focus on threat protection, deterring attacks, and preparing to defend against cyberthreats. Achieving this requires clear visibility and effective control over networks, along with a robust framework to improve network supervision and establish a solid defensive stance. Organisations must leverage AI for competitive advantage, while simultaneously strengthening cybersecurity defences to prevent potential vulnerabilities.”
On the other hand, a higher percentage of CISOs see AI in a positive light, with 77% of CISOs stating that AI has filled the cybersecurity skills gap. Furthermore, 85% of CISOs stated that their C-Suite has been sent on AI training courses.
There has been a clear shift towards AI and a growing recognition of its importance in strengthening cyber-resilience, with 83% of CISOs prioritising the hiring of AI experts over the past year.