Generative AI increases vulnerability to cyberattacks
Senior security professionals view generative AI as a disruptive cybersecurity threat, with 46 percent of respondents to a new survey believing generative AI will increase their organization's vulnerability to attacks.
The study from Deep Instinct shows the top three generative AI threat issues are seen as growing privacy concerns (39 percent), undetectable phishing attacks (37 percent) and an increase in the volume and velocity of attacks (33 percent).
Generative AI technology has already been repurposed by bad actors as evidenced by WormGPT, a new generative AI tool advertised on underground forums as a way for adversaries to launch sophisticated phishing and business email compromise attacks.
Cybersecurity teams are grappling with an increased workload given the adoption of new technologies like generative AI. As a result, more than half (55 percent) of security professionals say their stress levels have increased, with the top reason being staffing and resource limitations (42 percent). In fact, 51 percent say they are likely to leave their job in the next 12 months as a result of stress.
There are positives too, however, 69 percent of respondents say they have already adopted generative AI tools within their organization, with the highest adoption taking place (80 percent) within the finance sector. Nearly three-quarters (70 percent) of security professionals say generative AI is positively impacting employee productivity and collaboration, with 63 percent stating the technology has also improved employee morale.
"In this new era of generative AI, the only way to combat emerging AI threats is by using advanced AI -- one that can prevent and predict unknown threats. Relying on antiquated tools like EDR is the equivalent of fighting a four-alarm fire with a garden hose," says Lane Bess, CEO of Deep Instinct. "Assuming breach has been an accepted stance but the belief that EDR can get out ahead of threats is simply not true. A shift toward predictive prevention for data security is required to remain ahead of vulnerabilities, limit false positives, and alleviate security team stress."
You can get the full report from the Deep Instinct site.
Image credit: peshkov/depositphotos.com