Most organizations see offensive AI quickly becoming a standard tool for cybercriminals, with 93% of security leaders expecting to encounter it daily AI-based attacksaccording to Netacea.
Offensive AI in cyberattacks
The study, “Cybersecurity in the Age of Offensive AI,” surveyed security leaders in the UK and US about their experience with cybersecurity. AI as a cybersecurity tool. It reveals that not only do most security executives expect daily AI-based attacks, but 65% expect offensive AI to become the norm for cybercriminals, used in most cyberattacks.
The findings suggest that security leaders understand the importance of offensive AI and expect the next six months to mark the dawn of a new generation of cyberattacks.
Short on time and under pressure to protect their organizations against known and yet-to-be-emerged threats, security leaders are tasked with ensuring that offensive AI has a place in level-level discussions. of the board, alongside high-impact attacks such as Ransomware and DDoS.
Despite this expectation, there are false perceptions about where these threats do the most harm. Only 11% of security managers see bot attacks as the biggest cyber threat their business faces, behind ransomware, phishing and malware.
In a previous study, Netacea found that relentless bot attacks cost businesses 4.3% of their online revenue, which was the equivalent of fifty ransomware payments for the largest companies.
AI is transforming cyber defense and offense
AI will not only be used as a tool to strengthen cyberattacks, but also for cyberdefense. Although a report from the Office of National Statistics indicates that 83% of businesses are not considering adopting AI, this is not true when it comes to cybersecurity.
All respondents to Netacea’s survey have integrated AI into their security stack in some way, and all said it has improved their security posture, with 27% saying that this improvement was significant. The use of AI is also proving effective, with 61% of security leaders agreeing that AI has significantly reduced their operational costs.
However, the use of AI-enhanced protection was primarily used to defend against high-impact, low-frequency attacks such as DDoS (62%), rather than bot attacks (33%). This suggests that while AI is a welcome defense against cyberthreats, it is not yet applied universally or against the most damaging attacks.
Gaps remain. While 90% of respondents are confident in their web application firewall’s defensive AI capabilities, DDoS protection, and API security, only 60% of security leaders could say the same. their bot management tools.
“The pressure is on security leaders to do more with less, and so the increasing use of AI to augment cyberattacks could not have come at a worse time,” said Andy again, CTO, Netacea. “The power of AI and low barrier to entry means it will be used in many ways, including in cyberattacks. While it is encouraging that so many leaders recognize the daily threat that AI poses to them, there are gaps in understanding where the most damaging threats come from. In the arms race between offensive and defensive AI, it is important to recognize that AI will be used wherever it can be, and that it must respond accordingly. »