Generative AI (GenAI) in Cybersecurity: A Double-Edged Sword
Generative AI (GenAI) is quickly becoming a key player in cybersecurity, transforming both defensive measures and the tactics employed by cybercriminals. The latest Splunk CISO Report reveals that more than 52% of Chief Information Security Officers (CISOs) prioritize emerging technologies, such as GenAI, to fight growing cyber threats. However, there is a disconnect at the board level, where only 33% of board members support such initiatives, highlighting a misalignment in corporate priorities when it comes to cybersecurity.
AI’s Double-Edged Role
GenAI is instrumental in risk identification (39%), threat intelligence analysis (39%), and prioritizing threat detection (35%), providing CISOs with powerful tools for defense. However, cybercriminals are also leveraging AI to enhance their attacks. AI enables them to improve existing attack methods (32%) and even create entirely new threats (23%).
Despite these advancements, CISOs continue to face challenges. Nearly 64% attribute the frequency of cyberattacks to insufficient budgets and lack of board support. While 41% of boards feel their cybersecurity budgets are adequate, only 29% of CISOs agree, signaling a significant risk for organizations as threats become more complex and frequent.
Read More: Pakistan Achieves Top-Tier Cybersecurity Status
Emerging Concerns
The rise of AI-powered cyberattacks tops the list of concerns for 36% of CISOs, followed by cyber extortion (24%) and data breaches (23%). Despite AI’s role in bolstering defensive capabilities, experts like Greg Clark, Director of Product Management at OpenText Cybersecurity, stress the importance of education and employee awareness. Phishing scams and insider threats, which are increasingly supported by AI, demand comprehensive training across all departments to mitigate risks.
To address these challenges, security teams are emphasizing cross-functional training, with 91% of organizations offering legal and compliance training to security professionals and vice versa. Additionally, 86% of respondents believe AI could help close the cybersecurity skills gap by streamlining entry-level tasks and boosting productivity for experienced staff.
Steps for ‘Cyber Hygiene’
Proactive measures are essential to prevent cyberattacks. Strong passwords combined with multi-factor authentication (MFA) remain one of the most effective defenses, as 80% of data breaches stem from weak password security. Businesses should adopt password managers and enforce stringent password policies to enhance security.
Furthermore, organizations must assess vulnerabilities in third-party vendors, as even the best internal defenses can be compromised by external breaches. The recent “major incident” involving the US Treasury illustrates how third-party vulnerabilities can expose critical weaknesses.
Investing in Cybersecurity
While budgets may be tight, investing in cybersecurity is a necessity. Ransomware attacks can result in millions of dollars in losses, damaging both customer trust and a company’s reputation. As cyber threats grow more sophisticated, integrating AI-driven solutions, along with employee education and strong cybersecurity practices, is crucial for mitigating risks and ensuring long-term security.
