State of Security 2024 Report Reveals Growing Impact of Generative AI on Cybersecurity Landscape
30 Abril 2024 - 7:00AM
Business Wire
Global Research Shows 93% of Organizations
Are Using Public Generative AI But 34% of Organizations Do Not Have
a Generative AI Policy in Place
Splunk, the cybersecurity and observability leader, in
collaboration with Enterprise Strategy Group, today released the
“State of Security 2024: The Race to Harness AI” global research
report. A total of 1,650 security leaders participated in the
global survey, with many reporting that cybersecurity has become
easier to manage compared to past years. However, cybersecurity
defenders now find themselves in a race against adversaries to
harness generative AI (Gen AI).
According to the report, organizations have heavily adopted Gen
AI tools within their teams. Compared to organizations that are
still developing a cybersecurity program, those with advanced
approaches have significant budgets, resources, and authority and
are well-positioned to embrace cutting-edge Gen AI tools and
technologies. However, despite this widespread adoption, many
organizations lack a clear Gen AI policy or full grasp of the
technology’s broader implications. Furthermore, cybersecurity
leaders are divided on who will gain the upper hand in leveraging
Gen AI tools: cybersecurity defenders or threat actors.
- 93% of security leaders said public Gen AI was in use
across their respective organizations, and 91% reported
using Gen AI specifically for cybersecurity operations.
- Despite high adoption, 34% of surveyed organizations say
they do not have a Gen AI policy in place, and 65% of
respondents admit to not fully understanding the implications of
Gen AI.
- 44% of respondents rank generative AI as a top
initiative in 2024, surpassing cloud security as the top
initiative.
- Cybersecurity leaders are split over who has the advantage when
it comes to Gen AI. While 45% of respondents believe Gen AI
will be a net win for threat actors, 43% said Gen AI will
give cybersecurity defenders the edge.
“We are in an AI gold rush, with bad actors and security
professionals both trying to seize the advantage,” said Patrick
Coughlin, SVP, Global Technical Sales, Splunk. “The introduction of
Gen AI creates new opportunities for organizations to streamline
processes, increase productivity, and limit staff burnout.
Unfortunately, Gen AI also presents unprecedented advantages for
threat actors. To combat this new threat landscape, defenders must
outpace threat actors in the race to harness and securely deploy
the power of Gen AI.”
Cybersecurity hiring has proven to be a considerable challenge
in recent years, especially for entry-level workers seeking to
break into the industry. Our report indicates that Gen AI is a
possible solution to this problem as it helps organizations
discover and onboard entry-level talent more efficiently.
Additionally, the majority of cybersecurity professionals
anticipate that Gen AI will enhance their speed and
productivity.
- 86% of cybersecurity leaders say Gen AI can enable them
to hire more entry-level talent to fill the skills gap.
- 58% say onboarding entry-level talent will be quicker
thanks to Gen AI.
- 90% of security executives believe entry-level talent
can lean on Gen AI to develop their skills in the Security
Operations Center (SOC).
- 65% believe the technology will help seasoned
cybersecurity professionals become more productive.
The majority of security professionals are also facing growing
compliance pressures. The implementation of stricter compliance
requirements has significantly raised the stakes, particularly for
security leaders who may personally face repercussions for the
organizations’ violations. This changing compliance landscape
underscores the need for increased vigilance and accountability
within the security sector.
- 76% of respondents say personal liability has made
cybersecurity a less attractive field, and 70% have
considered leaving the field due to job-related stress.
- 62% of professionals report having already been impacted
by changing compliance mandates requiring disclosure of material
breaches. Meanwhile, 86% of security professionals say they
will shift budgets to prioritize meeting compliance regulations
over security best practices.
- Many respondents also expect their organizations to be more
risk-averse, with 63% expecting that organizations will err
on the side of caution and overreport breaches as material to avoid
penalties.
For more insights and recommendations from the State of Security
2024, please visit:
https://www.splunk.com/en_us/form/state-of-security.html
Methodology
Researchers surveyed 1,650 security executives during December
2023 and January 2024. Respondents were in Australia, France,
Germany, India, Japan, New Zealand, Singapore, United Kingdom and
United States. They also represented 16 industries: Aerospace and
defense, business services, consumer packaged goods, education,
financial services, government (federal/national, state and local),
healthcare, life sciences, manufacturing, technology, media,
oil/gas, retail/wholesale, telecom, transportation/logistics,
utilities
About Splunk Inc.
Splunk, a Cisco company, helps build a safer and more resilient
digital world. Organizations trust Splunk to prevent security,
infrastructure and application issues from becoming major
incidents, absorb shocks from digital disruptions, and accelerate
digital transformation.
Splunk and Splunk> are trademarks and registered trademarks
of Splunk Inc. in the United States and other countries. All other
brand names, product names, or trademarks belong to their
respective owners. © 2024 Splunk Inc. All rights reserved.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240430035599/en/
For more information, please contact:
Media Contact Matt Nagel Splunk Inc. press@splunk.com