Singapore – As organisations now rely heavily on artificial intelligence, the latest data from cybersecurity and observability firm Splunk found that approximately 93% of security leaders are using Gen AI across their respective organisations. However, a significant 34% of them said they do not have a policy in place for its use.
According to the report, about 91% also reported utilising the tool specifically for cybersecurity operations. In fact, 44% of respondents ranked general AI as a top initiative in 2024, surpassing cloud security.
In terms of advantages, opinions among cybersecurity leaders are divided regarding generative AI. While 45% believe it will benefit threat actors, 43% think it will give cybersecurity defenders an edge.
Meanwhile, it is also worth noting that despite the widespread adoption of Gen AI, many organisations still lack a clear policy or comprehensive understanding of its broader implications. Specifically, approximately 65% of respondents admitted not fully grasping the implications of generative AI.
Data from the findings also suggests Gen AI as a possible solution to the challenges in cybersecurity hiring by helping organisations identify and onboard entry-level talent more efficiently.
In particular, more than half (86%) of cybersecurity leaders indicated Gen AI can help them hire more entry-level talent to address the skills gap. Around 58% also stated that onboarding entry-level talent will be quicker with Gen AI. Additionally, a substantial 90% of security executives believe entry-level talent can use Gen AI to enhance their skills in the Security Operations Centre (SOC).
An average of 65%, on the other hand, believe this technology will advance the productivity of seasoned cybersecurity professionals.
Interestingly, the implementation of stricter compliance requirements has significantly raised the stakes, especially for security leaders who may personally face repercussions for the organisations’ violations. This move emphasises the need for increased vigilance and accountability within the security sector.
With this, the report noted 76% of respondents saying personal liability has made cybersecurity a less attractive field, and 70% have contemplated leaving the field due to job-related stress.
About 62% of professionals further report having already been affected by changing compliance mandates requiring disclosure of material breaches.
Meanwhile, 86% of security professionals intend to reallocate their budgets to prioritise meeting compliance regulations over implementing security best practices.
Given the situation, many respondents also anticipate that their organisations will be more risk-averse, with 63% expecting that organisations will err on the side of caution and over-report breaches as material to avoid penalties.
Patrick Coughlin, SVP, Global Technical Sales at Splunk, commented, “We are in an AI gold rush, with bad actors and security professionals both trying to seize the advantage. The introduction of Gen AI creates new opportunities for organisations to streamline processes, increase productivity, and limit staff burnout. Unfortunately, Gen AI also presents unprecedented advantages for threat actors. “
“To combat this new threat landscape, defenders must outpace threat actors in the race to harness and securely deploy the power of Gen AI,” explained Patrick.
