By Princewil Okike
Sophos, a global leader of innovative security solutions for defeating cyber attacks, has released a new report, tagged: “Beyond the Hype: The Business Reality of AI for Cyber security,” which surveyed 400 IT leaders on their use of Artificial Intelligence (AI) in security.
According to the survey, despite 65 per cent having adopted Generative Artificial Intelligence (GenAI), 89 per cent of IT leaders are concerned that flaws in GenAI cyber security tools could put their organizations at risk.
The new Sophos X-Ops research, which also released another report tagged: “Cybercriminals Still Not Getting on Board the AI Train (Yet),” said had been a slight but noteworthy shift in the way cybercriminals use AI. After investigating several underground forums, Sophos X-Ops found that, while there’s still skepticism about GenAI, some criminals are using it to automate mundane tasks, such as crafting bulk emails and analyzing data. Others are incorporating it into spam and social engineering toolkits.
Analyzing the reports, the Director, Global Field CTO at Sophos, Chester Wisniewski, said: “As with many other things in life, the mantra should be ‘trust but verify’ regarding generative AI tools. We have not actually taught the machines to think; we have simply provided them the context to speed up the processing of large quantities of data. The potential of these tools to accelerate security workloads is amazing, but it still requires the context and comprehension of their human overseers for this benefit to be realized.”
With some form of AI embedded in the cyber security infrastructure of 98 per cent of organizations surveyed, IT leaders expressed concern about potential over-reliance on AI, with 87 per cent of respondents stating they were concerned about a resulting lack of cyber security accountability.
According to the reports, while large organizations with more than 1,000 employees are prioritizing improved protection, respondents with 50-99 employees rated reducing burnout as their top desired benefit from GenAI tools.
However, complicating matters, across all sizes of organizations, 84 per cent of leaders surveyed said they were concerned about pressure to reduce cyber security professional headcount due to unrealistic expectations about AI’s abilities to replace human operators.
Other key findings from the ‘Beyond the Hype’ report, showed that costs of GenAI are hard to quantify, as75 per cent of IT leaders agree that the costs of GenAI in cyber security products are hard to quantify.
