New Research by Cyber-Security specialists GEMSERV reveals serious concerns over new Generative AI* threats to global organisations
International governments, senior technology executives and global CEOs will gather at the world’s first Global Artificial Intelligence (AI) Safety Summit, hosted by the UK on November 1st and 2nd at the historic Bletchley Park in Buckinghamshire.
The summit aims to initiate a dialogue on AI regulation and cybersecurity. According to new research published by Gemserv, the leading cybersecurity consultancy, companies must upgrade their systems now as AI threatens to make cyber-attacks more sophisticated.
Knowledge and information gaps are emerging as critical challenges, particularly for Chief Information Security Officers (CISOs), as the cyber threat landscape is expected to become increasingly volatile, further exacerbated by this year’s geopolitical tensions.
In their report titled “Through the Cyber Lens: The Evolving Future of Cyber Security”, the study by OnePoll surveys 200 CISOs across the United Kingdom and Europe, assessing the readiness of CISOs to confront their evolving challenges, particularly those stemming from the rise of AI innovation, while also exploring their expectations for the future.
Generative AI and Emerging Threats: The Perilous Path Ahead
The survey reveals that 38% of respondents anticipate a significant increase in cyberattacks utilising deep fake AI technologies over the next five years, with an additional 45% expecting a moderate rise. In total, a striking 83% of respondents believe that generative AI will play a more prominent role in cyberattacks. However, a mere 16% of respondents consider their organisations to have an excellent understanding of these advanced AI tools.
Mandeep Thandi, Director of Cyber and Privacy at Gemserv, commented on the research findings: “As the AI revolution transforms the landscape of cybersecurity, CISOs stand at the forefront of this change. AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations against the volatile cyber threat landscape.”
A new barrage of challenges: Preparing for Emerging Threats: The Need for Vigilance
The ever-evolving cyber threat landscape presents CISOs with the formidable challenge of predicting and preparing for attacks. Information and budgetary resources are essential for adequate preparation. However, the survey reveals concerning statistics:
69% of organisations lack access to either SIEM tooling or cyber threat intelligence, with 8% having neither.
78% of CISOs believe the cyber threat landscape will become more complex and challenging over the next 12 months.
A significant 83% of CISOs expect to see more cyber attacks using generative AI tools.
In this environment of uncertainty, CISOs face challenges in securing adequate budgets, making informed decisions, and recruiting and retaining the right talent. These hurdles underscore the urgency of investing in cybersecurity resources, including robust cyber threat intelligence, as a proactive measure to combat evolving threats.
When it comes to advising key stakeholders within their organisations, the research reveals that 63% of CISOs feel that their senior leadership lacks a comprehensive understanding of the imminent cybersecurity and privacy threats. Moreover, 69% of European CISOs and 61% of UK CISOs report a deficiency in cyber threat intelligence (CTI), hindering their ability to prioritise budgets and inform their boards about impending threats.
Mandeep Thandi emphasised the importance of CTI, stating, “CTI is vital for organisations as it provides proactive insights into potential cyber threats, enabling timely identification, risk assessment, and tailored defence strategies. It empowers organisations to stay ahead of adversaries, enhance incident response, and continuously improve their cybersecurity posture in the face of evolving cyber risk.”
New Regulations: A Ray of Regulatory Hope
Amidst these challenges, new regulations are on the horizon. The European Union’s (EU) AI Act and the UK’s Data Protection and Digital Information (DPDI) Bill are set to reshape the regulatory landscape. These regulations aim to clarify, manage risks, and strengthen rules around data quality, transparency, human oversight, and accountability.
A notable 82% of CISOs believe these new regulations will support their organisations’ growth and expansion of services. The EU’s AI Act, in particular, distinguishes between high-risk and low-risk AI tools, ensuring that organisations maintain high standards of transparency and security.
A Call for Resources and Resilience
In conclusion, the survey offers a sobering glimpse into the world of CISOs tasked with safeguarding digital landscapes amidst a barrage of challenges. While CISOs demonstrate unwavering resilience, the need for additional resources and support is palpable. Budget constraints, talent shortages, communication gaps, and evolving cyber threats underscore the urgency of fortifying cybersecurity efforts.
The insights unveiled by this survey provide a roadmap for organisations and policymakers to address these challenges head-on. The cybersecurity landscape is ever-changing, and as threats evolve, so must our commitment to equipping CISOs with the resources they need to protect our digital future.