The increase of generative AI (Genai) in cyber security continues, with over half (52 %) of CISOs prioritizing innovative with new technologies, although only one -third (33 %) of the board members agree, new research has claimed.
The latest Splunk CISO report outlines industry people’s priorities and opinions and notices how the cyber landscape is changing rapidly, but 41 % of security leaders reported that the requirements will be easier to follow, despite the increased effectiveness and frequency of cyber attacks.
Genai is used to protect companies from threats from attackers, and CISOs use AI to identify risks (39%), threat intelligence analysis (39%) and threat detection and prioritization (35%) – as well as outline the priorities of CISOs, Here’s what we know.
Plays both sides
It’s no secret that Genai is becoming an integral part of cyber security on both the defensive and offensive side, where attackers use the technology for a number of purposes, including making existing attacks more effective (32%), increase the scope of existing attacks (28 %), and create new types of cyber threats (23 %).
The report illustrates a gap between CISOs and board members, not only in attitudes, but also in distribution, where only 29 % of CISOs feel that they are getting a sufficient budget to protect their businesses, compared to 41 % of the boards, who believe their budgets are enough. This manifests itself as a serious risk factor in which nearly two -thirds (64%) of CISOs connects a shortage of support to the cyber attacks they are experiencing.
This is not the first report of an interruption between how many CISOs feel that they are not getting the right level of respect from their board of directors, where board members downplay the seriousness of attacks and accuse CISOs of being ‘excessively negative ‘.
But there is undoubtedly reason to be concerned. Although AI is used in cyber protection, it also makes cyber attacks even smarter and more dangerous, and this tops the list of worries for CISOs, with 36 % saying that AI-driven attacks are their main concern, followed by cyber extortion (24 %), and data breach (23 %).
“Individual employees play a crucial role in protecting data. Phishing scams and insider threats only become more sophisticated. Whether it is a large company or a small business, education and awareness across all departments must be put on top of AI-driven technologies that detect threats, ”says Greg Clark, Director of Product Management, Data Security, OpentExt CyberSecurity.
The qualifying shortage is also a critical problem in technology, but 86 % of respondents believe that AI can help fire more talents at the beginner level to navigate the ongoing cyber security competence gap, where 65 % also believe that AI will ‘allow experienced Security experts to be more productive ‘.
Security experts join overwhelmingly with compliance and legal teams to increase training, with 91 % increased security training for legal and compliance employees, and 90 % deliver legal and compliance training to security professionals- so the industry takes steps to cover all bases.
Attack prevention
Prevention of cyber attacks is really bread and butter for cyber security teams, but if you have just started with a small business or want to be ultrasic, here are a few best tips for maintaining cyberhygiene.
First, and most importantly, are strong passwords and Multi-Factor Authentication (MFA). About 80 % of data breaches come from poor password security, so this is really crucial. Make sure all company passwords are complex, varied and as long as possible while still memorable.
Implement password administrators and approval software to ensure that employee passwords are secured and make sure a strong password policy is in place so that all employees understand the criteria for strong credentials and their importance.
Regular and comprehensive training in cyber security for all employees is the key to giving your organization the opportunity to recognize and mitigate potential threats. This should focus on training employees in risk management and security checks, such as antivirus software and firewalls – as well as cyber security frameworks throughout the company.
More importantly, the assessment of third -party providers for vulnerabilities. Businesses and organizations are inevitably connected and it is practically impossible for companies to operate without using any third -party software vendors.
No matter how impenetrable your cyber security is, an attack on a third party may leave you revealed, illustrated by the US Ministry of Finance’s ‘major incident’, a cyber attack derived from an compromised third party.
We know that budgets are tight and cyber security is not always a priority, but ransomware attacks can easily cost an organization millions and can have a negative effect on the confidence of customers and business partners, as well as damage to the reputation – so safe practice is a worthy investment.
You also like 
