AI advances “an area of concern” for IT decision-makers in new survey

Brian Martin, head of product development, innovation and strategy at Integrity360, commented: “The use of AI for cyber attacks is already a threat to businesses, but recognising the future potential and the impact this can have is just the start. We’ve already witnessed the potential for deepfake technology with the video of Volodymyr Zelensky supposedly telling Ukrainians to put down their weapons. This is just one example of the nefarious means in which AI can be used. Businesses need to be prepared for how to defend themselves and discern what is and isn’t real such that they avoid falling victim to attacks.”

Just shy of 60% of respondents also agree that AI is increasing the number of cyber security attacks, which aligns with the change in attacks that have been noticeable over the past year as ‘offensive AI’ is being used in instances such as malware creation. It’s also being employed to create more phishing messages with content that accurately mimics the language, tone and design of legitimate e-mail messages.

In line with this, the survey also indicates that businesses recognise the impact AI will exert on cyber security as 46% of respondents disagreed with the statement that they do not understand the impact of AI on cyber security.

However, when breaking down the findings by specific job roles, the survey suggests that Chief Information Security Officers appear to have the least understanding of AI’s impact on cyber security, with 42% of those surveyed indicating disagreement with the statement. This highlights a potential gap in knowledge among C-Suite executives, which may have implications for organisations’ cyber security strategies and the importance of educational efforts to ensure they are informed about the role of AI in cyber security.

Further to this, 61% of respondents expressed their apprehension over the increase in AI, indicating that this is an area of concern within the industry.

Tangible reality  

“AI’s role in cyber security is not only a matter of perception, but a tangible reality,” continued Martin. “Conventional cyber attacks will ultimately become obsolete as AI technologies are increasingly available and more appealing and accessible as attackers look to expand their use for AI-enabled cyber attacks. It’s essential for businesses to consider how this can be used against them and put processes in place to protect themselves against such growing threats.”

Despite concerns, 73% of respondents agree that AI is becoming an increasingly important tool for security operations and incident response. This reflects the industry’s growing recognition of AI’s potential to enhance security practices and the perception that it can be used defensively and offensively in terms of cyber security regimes.

Further, 71% of respondents agree that AI is improving the speed and accuracy of incident response. This is likely due to AI’s ability to analyse vast amounts of data and identify threats in real-time, which contributes to its overall effectiveness in incident response.

More than two-thirds (ie 67%) of respondents also believe that using AI improves the efficiency of cyber security operations. AI can automate routine tasks, in turn allowing cyber security professionals to focus on more complex and strategic aspects of their work.

“As AI technologies continue to evolve,” concluded Martin, “their integration with cyber security will follow. Organisations must remain proactive in embracing AI, while also addressing the challenges it presents. Cyber security defences absolutely need to keep pace.”

Study methodology

The research was conducted by Censuswide among a sample of 205 IT security decision-makers aged 18 and over.

The data was collected between 9 and 14 August.

Censuswide abides by and employs members of the Market Research Society and follows the latter’s Code of Conduct, which is itself based on the ESOMAR principles.