A recent study by cybersecurity consultancy Gemserv warns that the ever-evolving world of artificial intelligence poses new challenges for companies as it threatens to fuel more sophisticated cyber attacks.
The report, titled “Through the Cyber Lens: The Evolving Future of Cyber Security,” surveyed 200 chief information security officers (CISOs) across the United Kingdom and Europe, shedding light on the readiness of CISOs to face the changing landscape of cybersecurity.
The study highlights the growing concern among CISOs regarding the use of deepfake AI technologies in cyber attacks. A substantial 83% of respondents believe that generative AI will play a more significant role in future cyber attacks, with 38% expecting a significant increase and 45% anticipating a moderate rise in attacks utilising these technologies over the next five years. However, only 16% of respondents believe their organizations have an excellent understanding of these advanced AI tools.
“As the AI revolution transforms the landscape of cybersecurity, CISOs stand at the forefront of this change. AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations against the volatile cyber threat landscape,” said Mandeep Thandi, Gemserv director of cyber and privacy.
The evolving cyber threat landscape presents risk managers with a formidable challenge in predicting and preparing for attacks. However, the study revealed that 69% of organizations lack access to either security information and event management (SIEM) tooling or cyber threat intelligence, with 8% having neither.
More than three quarters (78%) of CISOs also believe the cyber threat landscape will become more complex and challenging over the next 12 months, while 83% expect more cyber attacks using generative AI tools.
In this climate of uncertainty, risk managers face difficulties in securing budgets, making informed decisions, and recruiting and retaining the right talent. These obstacles underscore the urgency of investing in cybersecurity resources, including robust cyber threat intelligence, to proactively combat evolving threats.
The study also revealed that CISOs face challenges in advising senior leadership within their organisations, with 63% feeling that their senior leadership lacks a comprehensive understanding of imminent cybersecurity and privacy threats. Additionally, 69% of European CISOs and 61% of UK CISOs report a deficiency in cyber threat intelligence (CTI), hindering their ability to prioritise budgets and inform their boards about impending threats.
“CTI is vital for organisations as it provides proactive insights into potential cyber threats, enabling timely identification, risk assessment, and tailored defence strategies. It empowers organisations to stay ahead of adversaries, enhance incident response, and continuously improve their cybersecurity posture in the face of evolving cyber risk,” Thandi said.
Amidst these challenges, new regulations are on the horizon, with the European Union's (EU) AI Act and the UK's Data Protection and Digital Information (DPDI) Bill set to reshape the regulatory landscape. These regulations aim to clarify, manage risks, and strengthen rules around data quality, transparency, human oversight, and accountability.
Four in five of CISOs believe these new regulations will support their organisations' growth and expansion of services. Notably, the EU's AI Act distinguishes between high-risk and low-risk AI tools, ensuring that organisations maintain high standards of transparency and security.
While CISOs demonstrate unwavering resilience, the need for additional resources and support is palpable, the report noted. Budget constraints, talent shortages, communication gaps, and evolving cyber threats underscore the urgency of fortifying cybersecurity efforts.
What are your thoughts on this story? Please feel free to share your comments below.