Cybersecurity pros change strategies to combat AI-powered threats
75% of security professionals had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73% expressing a greater focus on prevention capabilities, according to Deep Instinct.
Additionally, 97% of respondents are concerned their organization will suffer a security incident due to adversarial AI.
“The biggest challenge for SecOps teams is keeping pace with the rapidly evolving threat landscape being driven by AI. These never-before-seen threats are disrupting organizations, causing breaches that are accompanied by costly remediation. SecOps must stay ahead of these unknown attacks that often penetrate existing defenses, despite investment in technology and talented cybersecurity professionals,” said Lane Bess, CEO of Deep Instinct.
“Threat hunting teams need to be equipped with better solutions that leverage more sophisticated AI, specifically deep learning, to not only predict but prevent unknown threats and offer explainability to facilitate response,” added Bess.
Deepfakes continue to plague organizations
Deepfakes, or synthetic audio or video media files that have been digitally manipulated with AI, no longer just impact public figures and celebrities. Corporate leadership teams are now prime targets for manipulation.
The research found that 61% of organizations experienced a rise in deepfake incidents over the past year, with 75% of these attacks impersonating an organization’s CEO or another member of the C-suite.
Relying on legacy, reactive cybersecurity tools like Endpoint Detection and Response (EDR) continues to set organizations up for failure, as EDR cannot combat next-generation, AI-powered cyber threats.
Yet, 41% of organizations still rely on EDR solutions to protect them from adversarial AI – but less than 31% plan to increase their EDR investments to prepare for unknown attacks. EDR should be a last resort. A prevention-first approach to cybersecurity blocks an attack from ever reaching the endpoint, eliminating the need to respond to threats.
Defending against AI attacks with prevention-first approach
The only way to properly combat rising AI-powered attacks is to adopt a prevention-first approach to cybersecurity. Fortunately, the industry is starting to shift its mindset from “assume breach” to prevention.
42% of organizations currently use preventative technologies, like predictive prevention platforms, to help protect against adversarial AI. However, 53% of security professionals feel pressure from their board to adopt tools that allow them to prevent the next cyber attack, rather than rely on antiquated defense mechanisms that have proven ineffective – as evidenced in the recent security incident impacting Microsoft, where bad actors dwelled in the network for months. Prevention is the future, and it’s finally being prioritized.
The rise of adversarial AI is also taking a toll on cybersecurity professionals, with 66% admitting their stress levels are worse than last year and 66% saying AI is the direct cause of burnout and stress.
To help alleviate this burnout SecOps professionals believe that AI can be used for good. In fact, 35% want to implement AI tools to help alleviate repetitive and time-consuming tasks. Additionally, 35% of respondents say having proactive cybersecurity measures in place, like predictive prevention, would help decrease their stress levels.
The report, conducted by Sapio Research, surveyed 500 senior cybersecurity experts from companies with 1,000+ employees in the US operating in financial services, technology, manufacturing, retail, healthcare, public sector, or critical infrastructure.