The surge of the generative AI (GenAI) industry has given bad actors in the hackerspace a leg up when it comes to attacking vulnerable entities. Enterprises and organizations have become easier to infiltrate due to the quickly developing technology– however, businesses are also using GenAI more often as part of their cybersecurity strategy.
A recent Splunk CISO 2024 report detailed the current state of the industry from a security standpoint, noting that board members and security experts have varying opinions on how emerging cybersecurity threats should be handled. Nevertheless, hackers benefit from being able to use GenAI more frequently and effectively. Some instances include bad actors using AI chatbots to develop malware and crack passwords.
According to the latest research, GenAI has made existing attacks more effective by 32%, has increased the volume of existing attacks by 28%, and has created new types of cyber threats by 23%.
Additionally, 52% of CISOs (Chief Information Security Officers) said they would like to tackle cybersecurity challenges with comparable GenAI technologies, as opposed to 33% of board members. Though security professionals are looking for a change, they still are straddling the learning curve with 41% saying requirements are getting easier to keep up with, relative to the amount and strength of cyberattacks.
In practical use, 39% of CISOs say they use GenAI tools to identify risks, 39% say they use tools for threat intelligence analysis, and 35% say they use tools for threat detection and prioritization.
With GenAI being used on both sides of the industry, the biggest challenge for enterprises is that the CISOs and board members often don’t see eye-to-eye on many topics that can ultimately put businesses at risk. The report detailed that 29% of CISOs felt they had the proper budget to provide adequate cybersecurity support, while 41% of board members felt their allocated budgets were sufficient. Overall, 64% of CISOs said they could direct inadequate support back to the cyberattacks they’ve ultimately had to tackle.
Now, AI-powered cyberattacks are CISOs biggest concerns at 36%, behind cyber extortion at 24% and data breaches at 23%. As mentioned, hackers quickly began using AI tools such as ChatGPT to develop malware and became so adept that government entities, including the FBI had to take notice. Additionally, in the wrong hands, technologies such as Generative Adversarial Network (GAN) machine learning models can be used to crack passwords in seconds.
TechRadar noted that keeping secure with strong passwords, multi-factor authentication (MFA), password managers, cybersecurity training, and evaluations of third-party vendors for vulnerabilities are among the top priorities for keeping businesses safe from cyberattacks.
