Follow Us on Google
By Chinenye Anuforo
A new Sophos report, “Beyond the Hype: The Business Reality of AI for Cybersecurity,” revealed a significant concern among IT leaders regarding the use of generative artificial intelligence (GenAI) in cybersecurity.
Despite a 65 per cent adoption rate of GenAI capabilities, a striking 89 per cent of the 400 IT leaders surveyed expressed worry that flaws in these tools could negatively impact their organization’s security posture.
This apprehension comes even as 98 per cent of the surveyed organizations have integrated some form of AI into their cybersecurity infrastructure. The report also highlights concerns about over-reliance on AI, with 87% of respondents stating they are worried about a resulting lack of cybersecurity accountability.
“As with many other things in life, the mantra should be ‘trust but verify’ regarding generative AI tools. We have not actually taught the machines to think; we have simply provided them the context to speed up the processing of large quantities of data,” said Chester Wisniewski, director, global field CTO, Sophos. “The potential of these tools to accelerate security workloads is amazing, but it still requires the context and comprehension of their human overseers for this benefit to be realized.”
Adding to the complexity, a separate Sophos X-Ops research report, “Cybercriminals Still Not Getting on Board the AI Train (Yet),” released concurrently, indicated a subtle shift in cybercriminal behavior regarding AI. While GenAI skepticism persists within underground forums, some criminals are starting to use it for tasks like automating bulk email creation and data analysis, with others incorporating it into spam and social engineering toolkits.
Sophos’s “Beyond the Hype” report further explores varying priorities for GenAI use across different organization sizes. Large organizations (over 1,000 employees) prioritize enhanced protection, while those with 50-99 employees see reducing burnout as the primary benefit. However, across the board, 84 per cent of leaders are concerned about pressure to reduce cybersecurity staff due to unrealistic expectations of AI’s capabilities to replace human operators.
Other key findings from the “Beyond the Hype” report include: 75 per cent of IT leaders agreed that the costs associated with GenAI in cybersecurity products are difficult to assess.
Also, while 80 per cent of IT leaders believe GenAI will initially increase cybersecurity tool costs, 87 per cent expect the resulting efficiencies and savings to offset those costs and ultimately lower overall cybersecurity spending.
