Businesses consider Gen AI for cybersecurity but expect little impact

In a year in which the financial impact of cyberattacks more than doubled to $1.4 million, organizations are exploring generative artificial intelligence to improve their cybersecurity posture, Dell said in a report published Tuesday.

See also: Live Webinar | Splunk and Panther integration for real-time alerts and personalized dashboards

A majority of businesses are concerned that their organization’s existing data protection measures are unable to deal with malware and ransomware threats, according to the company’s non-scientific survey of 1,500 IT and security decision-makers.

Nearly half of respondents in the Americas, China, Europe, Asia Pacific, Japan, Middle East and Africa regions said their companies are ready to use machine learning and analytics to ensure their data backup are “clean” before recovering them. in the event of a cyber attack.

“Very few” vendors are integrating generational AI capabilities into their security products, and they are leaning more toward machine learning than AI, particularly in the area of ​​anomaly detection, said Rob Emsley, director of product marketing for data protection at Dell.

Generative AI’s ability to quickly analyze large amounts of data can identify abnormal patterns or behaviors that may indicate a cybersecurity threat. It can detect anomalies in network traffic or data patterns, unusual user behavior or suspicious email content, enabling faster identification of threats such as malware, phishing attempts or insider attacks , Emsley said.

But automation is where AI will have the “biggest impact” in the very near term, as vendors understand how AI can help the existing solution deliver benefits, he told Information Security Media Group. It can help automate common cybersecurity tasks, such as patch management, network monitoring, and incident reporting. “This not only increases efficiency, but also frees up human security personnel to focus on more strategic and complex tasks,” Emsley said.

Businesses can also use artificial intelligence to prepare for security incidents using its predictive capabilities. AI can learn from past incidents and global cybersecurity trends to predict future threats or identify potential vulnerabilities. It can also add features to standard penetration testing to enhance its capabilities.

Generation AI represents a “turning point” for cybersecurity, both as a challenge and a solution, Emsley said. Yet those surveyed appear to have low expectations of new technology for their long-term cyber resilience plans.

Just over half of respondents say generative AI will only provide organizations with an advantage in defending against cybercriminals. On average, 20% of respondents believe the technology will help both attackers and defenders.

Cybercriminals will likely take advantage of AI generation in the near term to bypass cyber defenses, Emsley said, citing John Roese, Dell’s chief technology officer.

The degree of adoption of generative AI in cyberattacks will vary depending on the sophistication of cybercriminal groups, their resources, and the specific attack vectors they choose. So far, bad actors have used the technology to conduct more realistic phishing attacks and voicemail spoofs, as well as to generate fake videos, he said.

Almost all of the 1,500 respondents – 88% – said the emerging technology is likely to generate “large volumes of new data” and will increase the value of certain types of data that a majority say may require higher levels of data protection service. Most respondents also expect to deploy Generation AI on-premises and in the public cloud, Emsley said.

Addressing data protection concerns for generative AI requires fundamental strategies similar to those used for other data sources and applications, whether in a multi-cloud or on-premises environment, he said. “It starts with a comprehensive understanding of how an organization plans to deploy and use generation AI for its business, encompassing the needs to protect input, processing and output data,” he said. declared.

This concern is not specific to generative AI, as almost all organizations face data protection challenges, and 52% of organizations surveyed say they have experienced “significant” disruption in the past 12 months , which represents the highest percentage in more than five years. Companies lost 2.17 terabytes of data during this period, and the damage and recovery cost them $2.61 million. Cybersecurity incidents themselves cost organizations approximately $1.92 million.

Seventy-nine percent of respondents fear experiencing a disruptive event in the next year.

Three-quarters of participating organizations are concerned that their existing data protection measures cannot effectively manage ransomware threats, while only 59% say they invest more in cyber prevention than cyber recovery, highlighting a potential imbalance in cyber resilience strategies. Many companies – $42 – appear to have invested an undisclosed amount and made efforts to use AI to “better defend” against attacks, but the survey does not include details of these investments.