Threat managers beware – generative AI spells critical issues for safety

A current research by cybersecurity consultancy Gemserv warns that the ever-evolving world of synthetic intelligence poses new challenges for corporations because it threatens to gasoline extra refined cyber assaults.

The research highlights the rising concern amongst CISOs concerning the usage of deepfake AI applied sciences in cyber assaults. A considerable 83% of respondents imagine that generative AI will play a extra important function in future cyber assaults, with 38% anticipating a major improve and 45% anticipating a reasonable rise in assaults utilising these applied sciences over the subsequent 5 years. Nonetheless, solely 16% of respondents imagine their organizations have a wonderful understanding of those superior AI instruments.

“Because the AI revolution transforms the panorama of cybersecurity, CISOs stand on the forefront of this modification. AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations in opposition to the unstable cyber risk panorama,” mentioned Mandeep Thandi, Gemserv director of cyber and privateness.

The evolving cyber risk panorama presents threat managers with a formidable problem in predicting and making ready for assaults. Nonetheless, the research revealed that 69% of organizations lack entry to both safety info and occasion administration (SIEM) tooling or cyber risk intelligence, with 8% having neither.

Greater than three quarters (78%) of CISOs additionally imagine the cyber risk panorama will turn into extra complicated and difficult over the subsequent 12 months, whereas 83% anticipate extra cyber assaults utilizing generative AI instruments.

On this local weather of uncertainty, threat managers face difficulties in securing budgets, making knowledgeable choices, and recruiting and retaining the suitable expertise. These obstacles underscore the urgency of investing in cybersecurity assets, together with sturdy cyber risk intelligence, to proactively fight evolving threats.

The research additionally revealed that CISOs face challenges in advising senior management inside their organisations, with 63% feeling that their senior management lacks a complete understanding of imminent cybersecurity and privateness threats. Moreover, 69% of European CISOs and 61% of UK CISOs report a deficiency in cyber risk intelligence (CTI), hindering their means to prioritise budgets and inform their boards about impending threats.

“CTI is significant for organisations because it supplies proactive insights into potential cyber threats, enabling well timed identification, threat evaluation, and tailor-made defence methods. It empowers organisations to remain forward of adversaries, improve incident response, and constantly enhance their cybersecurity posture within the face of evolving cyber threat,” Thandi mentioned.

Evolving laws to fight evolving dangers

Amidst these challenges, new laws are on the horizon, with the European Union’s (EU) AI Act and the UK’s Information Safety and Digital Data (DPDI) Invoice set to reshape the regulatory panorama. These laws intention to make clear, handle dangers, and strengthen guidelines round knowledge high quality, transparency, human oversight, and accountability.

4 in 5 of CISOs imagine these new laws will help their organisations’ progress and growth of providers. Notably, the EU’s AI Act distinguishes between high-risk and low-risk AI instruments, guaranteeing that organisations preserve excessive requirements of transparency and safety.

Whereas CISOs display unwavering resilience, the necessity for extra assets and help is palpable, the report famous. Finances constraints, expertise shortages, communication gaps, and evolving cyber threats underscore the urgency of fortifying cybersecurity efforts.

What are your ideas on this story? Please be happy to share your feedback beneath.