SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image

Ivanti report highlights risks of genAI in cybersecurity

Wed, 4th Dec 2024

Ivanti has released a report titled "Generative AI and Cybersecurity: Risk and Reward," which examines the intersection of generative AI and cybersecurity.

The report coincides with statements from the UK's National Cyber Security Centre (NCSC) urging organisations to prioritise cybersecurity as a fundamental aspect of their operations, following their response to over 500 cyber incidents this year.

Ivanti's findings reveal that 25% of IT and security professionals in the UK lack a documented strategy to mitigate the risks associated with generative AI. This absence of preparation is concerning as 49% of the surveyed professionals anticipate that phishing will become a heightened threat due to generative AI.

Despite the increased threat from AI-powered attacks, only 32% of organisations consider their anti-phishing training to be very effective, even though 57% utilise such training as part of their defensive measures against sophisticated social-engineering attacks.

"As GenAI continues to evolve, so must the understanding of its implications for cybersecurity," said Robert Grazioli, Chief Information Officer at Ivanti. "Undoubtedly, GenAI equips cybersecurity professionals with powerful tools, but it also provides attackers with advanced capabilities. To counter this, new strategies are needed to prevent malicious AI from becoming a dominant threat. This report helps equip organisations with the insights needed to stay ahead of advanced threats and safeguard their digital assets effectively."

The report highlights the potential of generative AI to improve threat detection and response but notes that 72% of respondents acknowledge their IT and security data are siloed, limiting the efficiency of AI applications.

While generative AI presents a powerful tool for attackers, the consensus among those surveyed suggests that 90% believe it equally benefits security teams. However, security professionals are significantly more likely to perceive AI tools as primarily advantageous for employers rather than employees.

Another pressing issue addressed in the report is the shortage of cybersecurity talent. A separate 2024 study by ISC2 identifies a global deficit of 4.8 million cyber professionals. Ivanti's research indicates that one in three security professionals consider a lack of skill and talent a major obstacle. Generative AI is seen as a potential tool to alleviate this shortage by enhancing team productivity, although it necessitates investments in upskilling cybersecurity personnel.

Ivanti gathered insights from over 14,500 executives, IT, security professionals, and office workers to comprehend organisational strategies in managing AI within cybersecurity, focusing on processes, technologies, and talent required to bolster defences.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X