Generative AI raises cybersecurity concerns among companies, finds survey, ET CISO
There is a growing concern among IT leaders about the cybersecurity risks associated with AI investments, according to a survey.
The findings are based on a survey of 350 IT leaders by Flexential, a provider of secure and flexible data center solutions, at organisations with over $100 million in annual revenue, including 100 respondents at organizations with over $2 billion in annual revenue.
The survey suggests that organisations must address multiple challenges related to cybersecurity and data protection to achieve their AI objectives, indicating the increased need for proactive disaster recovery planning, resilient infrastructure design and testing, and an emphasis on reliable uptime to ensure secure, scalable, and high-performant AI deployments.
The survey found that nearly all IT leaders (95%) believe that their organisation’s increased investment in AI has made them more vulnerable to cyberthreats. Shockingly, 40% of respondents said their cybersecurity teams don’t understand how to protect AI applications and workloads.
Additionally, 42% of organisations have strategically shifted AI applications and workloads away from the public cloud to colocation environments. This move, driven by heightened data privacy and security concerns, indicates a cautious approach among enterprises. By opting for colocation, they are ensuring tighter control over sensitive data within on-premise or third-party data centers and private clouds.
The findings
Over half (54%) of respondents stated that the complexity of AI applications creates a larger, inherently more vulnerable attack surface for their organizations.
Due to AI investments, 39% of IT leaders claimed they are storing and processing more sensitive data than before.
Around half of respondents (51%) noted their AI investments have led them to move where they store sensitive data, such as closer to the edge of the network, increasing their organizations’ cybersecurity vulnerability.
What experts say
Experts indicate that AI-driven attacks remain relatively rare compared to traditional cyber threats.
Current assessments suggest that threat actors are more focused on exploiting human errors, which have proven to be highly effective. Recent data shows that over two-thirds of data breaches this year were linked to non-malicious human actions, such as social engineering attacks or simple mistakes by employees. This trend indicates that many cybercriminals find success with established tactics and may not see the need to invest in new, often costly AI techniques.
Organisations are encouraged to maintain their focus on employee training programs to reduce the likelihood of human error. Additionally, the current landscape presents a unique opportunity for businesses to bolster their defenses against potential AI-related threats before they become more prevalent.
A recent survey revealed that over one-third of C-suite leaders identified cybersecurity and AI as priority areas for upskilling this year. Addressing the skills gap in securing AI technologies is essential, as a significant portion of cybersecurity professionals reported having limited experience in this area.