Netacea, the bot detection and response specialist, today announced new research into the threat of AI-driven cyberattacks. The study reveals that most organizations see “offensive AI” quickly becoming a standard tool for cybercriminals, with 93% of security leaders expecting to encounter AI-based attacks on a daily basis.
The research, Cybersecurity in the era of offensive AI, surveyed security leaders in the UK and US about their experience with AI as a cybersecurity tool, enhancing both offensive and defensive capabilities. It reveals that not only do most security executives expect daily AI-driven attacks, but two-thirds (65%) expect offensive AI to become the norm for cybercriminals , used in most cyberattacks.
Despite this expectation, there are false perceptions about where these threats do the most harm. Only 11% of security leaders consider bot attacks to be the biggest cyberthreat their company faces, behind ransomware, phishing and malware. In Previous searchNetacea found that relentless bot attacks cost businesses 4.3% of their online revenue – for the largest companies, this was the equivalent of fifty ransomware payments.
AI will not only be used as a tool to strengthen cyberattacks, but also for cyberdefense. While a report from the Office for National Statistics reported that 83% of companies have no plans to adopt AI, this is not true when it comes to cybersecurity. All respondents to Netacea’s survey have integrated AI into their security stack in some way, and all said it has improved their security posture: 27% of them said that this improvement was significant. The use of AI is also proving effective, with 61% of security leaders agreeing that AI has significantly reduced their operational costs.
However, the use of AI-enhanced protection was primarily used to defend against low-frequency, high-impact attacks such as DDoS (62%), rather than bot attacks (33%). This suggests that while AI is a welcome defense against cyberthreats, it is not yet applied universally or against the most damaging attacks. Gaps remain. While 90% of respondents are confident in their web application firewall’s defensive AI capabilities, DDoS protection, and API security, only 60% of security leaders could say the same. their bot management tools.
“The pressure is on security leaders to do more with less, so the growing use of AI to augment cyberattacks couldn’t have come at a worse time,” said Andy Still , CTO and co-founder of Netacea. “The power of AI and low barrier to entry means it will be used in many ways, including in cyberattacks. While it is encouraging that so many leaders recognize the daily threat that AI poses to them, there are gaps in understanding where the most damaging threats come from. In the arms race between offensive and defensive AI, it is important to recognize that AI will be used wherever it can be, and that it must respond accordingly. »
The full report can be downloaded here.