What is the State of AI Cybersecurity Report?
We surveyed 1,800 CISOs, security leaders, administrators, and practitioners from industries around the globe. Our research was conducted to understand how the adoption of new AI-powered offensive and defensive cybersecurity technologies are being managed by organizations.
Here are some of the key findings from the report:
What is the impact of AI on the cyber threat landscape?
Today’s security stakeholders are already seeing AI’s impact on the threat landscape.
"74% of survey respondents agree that AI-powered cyber threats are having a significant impact on their organizations. However, 60% of respondents fear that their organizations are not adequately prepared to defend against AI-powered threats and attacks."
How is AI being applied in cyber-attacks?
Generative AI can be used to create large volumes of highly personalized phishing attacks and to change the signatures and hashes associated with malware files. Other AI tools can also scan environments for exploitable vulnerabilities.
However, operationalizing AI in a cyber-attack requires sophistication. In most cases, attackers tend to begin using AI by addressing the simplest use cases or “lowest-hanging fruit.”
Identifying exactly when and where AI is being applied is not always possible since there are few methods for doing so. Thus, defenders will need to focus their effort on preparing for threats that are coming at them faster than ever before.
How does AI affect cyber risk?
"71% of organizations have already taken strides to reduce the risks that come with AI’s adoption."
In terms of cyber risk, adopting AI technologies into the business also generates concern for industry professionals given the increased risk of exposing sensitive or proprietary information through employee use of third-party generative AI tools. The access to publicly-available, text-based generative AI systems to increase productivity opens the door to “shadow AI” in which individuals use these popular AI tools without organizational approval or oversight.
What is the impact of AI on cybersecurity solutions?
AI is poised to transform not just the threat landscape but the solution landscape as well, a fact defenders understand.
"95% of cybersecurity professionals agree that AI-powered solutions will level up their organizations’ defenses."
Survey participants believe that AI-powered security solutions are a must-have for countering the risks posed by AI-powered threats. However, cybersecurity vendors are racing to capitalize on buyer interest in AI by supplying solutions that promise to meet the increasing demands. But not all AI is created equal, and not all these solutions live up to the widespread hype.
"Improving threat detection (57%) and identifying exploitable vulnerabilities (50%) are the top ranked areas where respondents believe AI will make an impact."
However, survey participants may not fully understand how AI is applied to these aspects of cybersecurity. For example, generativeAI actually has little to no role to play in threat detection and proactive attack surface management. Generative AI does accelerate the data retrieval process within threat detection, can create quick incident summaries, automate low level tasks, and simulate phishing emails, but it does not improve the ability to detect novel attacks.
Understanding AI technologies in cybersecurity
A worldwide preoccupation with generativeAI may have colored perceptions of what AI is and where it’s most effectively applied.
"Only 26% of security professionals report a full understanding of the different types of AI in use within security products."
As the AI revolution unfolds, the speed at which vendors are introducing new AI-powered solutions far outpaces the rate at which practitioners are being trained how to use them.
There’s a strong need for greater vendor transparency, as well as efforts to educate end users so that they can better understand the technologies they are deploying.
Types of AI in cybersecurity
Supervised machine learning: Applied more often than any other type of AI in cybersecurity.Trained on human attack patterns and historical threat intelligence.
Natural language processing (NLP): Applies computational techniques to process and understand human language.
Large language models (LLMs): Applies deep learning models trained on massively large data sets to understand, summarize, and generate new content. Used in generative AI tools. The integrity of their output depends upon the quality of the data on which they were trained.
Unsupervised machine learning: Continuously learns from raw, unstructured data to identify deviations that represent true anomalies.
The more attention AI technology gets in cybersecurity, the higher expectations tend to be. As leaders and practitioners discover more about AI, they will need to learn when and where to use it – and how to offset the potential risks that various models and approaches can bring.
Cybersecurity practitioners’ priorities and objectives
Although security stakeholders are aware that the rise of AI will require them to implement new tools and deploy more advanced capabilities in certain areas, they still entertain multiple different – and sometimes conflicting – opinions about planning for the future.
"88% of cybersecurity professionals prefer a platform approach over individual point products."
Respondents expressed a strong preference for a platform- centric approach in their cybersecurity solution stacks. This is undoubtedly due to a far-reaching desire to reduce cost and complexity.
Even more widespread was agreement that organizations prefer to purchase new security capabilities within a broader platform rather than as individual point products.
"Top priorities for improving their ability to defend against AI-driven threats include adding AI-powered tools to their solution stacks and improving toolset integration."
Many security teams are looking to their existing vendors first when thinking about adding AI-powered tools to their solution stack. This may be because:
- It takes more time and effort to replace existing tooling than it does to add onto the exiting stack.
- Trust has already been established within existing relationships. As long as this is valued, there will always be a need to integrate AI and non-AI solutions.
Download the report for more statistics and insight on the state of AI in cybersecurity.
Learn more about AI can help you secure your enterprise
