AI-powered cyber threats pose grave danger to organizations. A majority of SecOps professionals are aware of these dangers, yet their approach to thwarting these attacks lack teeth.
Deep Instinct’s “The 2024 Voice of SecOps” report finds 97% of security professionals are concerned that their organization will suffer an AI-generated security incident, with 66% claiming AI is the direct cause of burnout.
CIO Influence Insights: Why Should You Integrate Cybersecurity into Your Company Culture?
Deep Instinct is regarded as a leading prevention-first cybersecurity company that stops unknown malware pre-execution with a purpose-built, AI-based deep learning (DL) framework.
Deep Instinct Study Finds Cybersecurity Strategies are Changing to Combat AI-Powered Threats as Prevention Takes Precedence
The study found that three in four security professionals (75%) had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73% expressing a greater focus on prevention capabilities. Additionally, 97% of respondents are concerned their organization will suffer a security incident due to adversarial AI.
“The biggest challenge for SecOps teams is keeping pace with the rapidly evolving threat landscape being driven by AI. These never-before-seen threats are disrupting organizations, causing breaches that are accompanied by costly remediation. SecOps must stay ahead of these unknown attacks that often penetrate existing defenses, despite investment in technology and talented cybersecurity professionals,” said Lane Bess, CEO of Deep Instinct.
Top Read Article: The Role of Cyber Insurance in Mitigating Financial Risks from Cyber Threats
Lane added, “Threat hunting teams need to be equipped with better solutions that leverage more sophisticated AI, specifically deep learning, to not only predict but prevent unknown threats and offer explainability to facilitate response.”
The report, conducted by Sapio Research, surveyed 500 senior cybersecurity experts from companies with 1,000+ employees in the US operating in financial services, technology, manufacturing, retail, healthcare, public sector, or critical infrastructure.
Key findings included the following:
Deepfakes continue to plague organizations, with C-suite impersonations rising.
Deepfakes, or synthetic audio or video media files that have been digitally manipulated with AI, no longer just impact public figures and celebrities. Corporate leadership teams are now prime targets for manipulation. Our research found that 61% of organizations experienced a rise in deepfake incidents over the past year, with 75% of these attacks impersonating an organization’s CEO or another member of the C-suite.
An over-reliance on Endpoint Detection and Response leaves organizations increasingly vulnerable.
Relying on legacy, reactive cybersecurity tools like Endpoint Detection and Response (EDR) continues to set organizations up for failure, as EDR cannot combat next-generation, AI-powered cyber threats. It’s like fighting a five-alarm fire with a garden hose. Yet, 41% of organizations still rely on EDR solutions to protect them from adversarial AI – but less than a third (31%) plan to increase their EDR investments to prepare for unknown attacks. EDR should be a last resort. A prevention-first approach to cybersecurity blocks an attack from ever reaching the endpoint, eliminating the need to respond to threats.
Cybersecurity prevention is the future, but pressure is being applied now.
The only way to properly combat rising AI-powered attacks is to adopt a prevention-first approach to cybersecurity. Fortunately, the industry is starting to shift its mindset from “assume breach” to prevention. Our study found that 42% of organizations currently use preventative technologies, like predictive prevention platforms, to help protect against adversarial AI. However, more than half (53%) of security professionals feel pressure from their board to adopt tools that allow them to prevent the next cyber attack, rather than rely on antiquated defense mechanisms that have proven ineffective – as evidenced in the recent security incident impacting Microsoft, where bad actors dwelled in the network for months. Prevention is the future, and it’s finally being prioritized.
AI is causing greater SecOps burnout and stress.
The rise of adversarial AI is also taking a toll on cybersecurity professionals, with 66% admitting their stress levels are worse than last year and two in three (66%) saying AI is the direct cause of burnout and stress.
To help alleviate this burnout SecOps professionals believe that AI can be used for good. In fact, over a third (35%) want to implement AI tools to help alleviate repetitive and time-consuming tasks. Additionally, 35% of respondents say having proactive cybersecurity measures in place, like predictive prevention, would help decrease their stress levels.