Generative AI and Cybersecurity: Businesses Raise Concerns

KPMG released a survey recently that detailed how generative AI may help or hamper the cybersecurity posture of companies. The study detailed that the prospective benefits of AI and the future ahead may be outweighed by the current risks and fears. As discussed before, about the challenges new technologies pose, innovations are not without risks, and the initial benefits are often quickly exploited by curious hackers. Especially in cybersecurity, it is important to be cautious.

The study’s introduction summarizes this: “Generative AI can help organizations bolster their security posture and gain efficiencies while doing so. However, the reality is cyber criminals will increase the use of generative AI in their attack strategies as well, and they can be much faster at adopting the technology than large organizations are.” It goes on to detail these attacks, from prompt injections, data leakage or disclosure, and social engineering, especially deepfakes.

Only a few CEOs believe that generative AI will improve their cybersecurity infrastructure, and that the risks outweighing the benefits. A mere 8% reported that their cyberattack response ability improved by using it. While 25% stated compliance issues posing a risk from using it. A whopping 82% of global CEOs are concerned that AI will enable additional attack capabilities.

On the other hand, a disproportionate amount of SMBs think that they have a good understanding of the technology, its risks, and how to use it. This comes from a common occurrence for companies with smaller teams to take a bolder approach to secure their infrastructure, due to budget and staff shortages. It is important for smaller companies to really understand what new technologies may expose them to. The study explains this: “Successful implementation and enablement of AI capabilities – including generative AI – is a journey that starts with optimizing existing cyber security controls, understanding gaps, readiness, and investing in emerging capabilities in line with the evolving cybersecurity landscape and organizational boundaries. Without that, organizations may not be able to leverage generative AI to its full potential, and they risk falling behind their peers and being vulnerable to complex threats.”

The study summarizes the risks and benefits of using AI for cybersecurity: “It can be difficult for organizations to predict exactly how generative AI will impact their cybersecurity posture, so the best way to protect against the unknown is to establish robust defenses that include investment in cybersecurity technology and programs and enforce rigorous staff training. Organizations with strong cybersecurity fundamentals in place will be better equipped to deal with the unknown risks of evolving technologies like generative AI”. If you are concerned about your cyber-preparedness, contact us to see how Glassportal can highlight risk in your organization: demo@glassportal.io