Capgemini Report Highlights AI and Gen AI as Both Risk and Resilience Drivers in Cybersecurity

Capgemini Report Highlights AI and Gen AI as Both Risk and Resilience Drivers in Cybersecurity

The Capgemini Research Institute’s new report, “New defenses, new threats: What AI and Gen AI bring to cybersecurity”, published today, suggests that while new cybersecurity risks are emerging, due to the proliferation of AI and generative AI (Gen AI), these technologies represent a transformative shift in reinforcing cyber-defense strategies for the long term to predict, detect, and respond to threats. Two thirds of organizations are now prioritizing AI within their security operations.

According to the report, while AI is considered by organizations as a strategic technology to strengthen their security strategies, the increased adoption of Gen AI across various industries1 brings heightened vulnerability. Gen AI introduces three major risk areas for organizations: more sophisticated attacks with more adversaries, the expansion of the cyber-attack surface, and a growth in vulnerabilities in the entire lifecycle of custom Gen AI solutions. These risks are also compounded by the misuse of AI and Gen AI by employees which can significantly increase the risk of data leakage.

Two in three organizations are wary of increased exposure to threats Almost all organizations surveyed (97%) say they have encountered breaches or security issues related to the use of Gen AI in the past year. Gen AI also brings additional risks, including hallucinations, biased, harmful, or inappropriate content generation, and prompt injection attacks2. Two in three organizations (67%) are worried about data poisoning and the possible leakage of sensitive data through the training datasets used to train Gen AI models.

Moreover, Gen AI's ability to generate highly realistic synthetic content is posing additional risks: more than two in five organizations surveyed (43%) said they have suffered financial losses arising from the use of deepfakes.

Nearly 6 in 10 believe they need to increase their cybersecurity budget to bolster their defenses consequently.

AI and Gen AI are paramount for detecting and responding to attacks Surveying 1,000 organizations3 that have either considered AI for cybersecurity or are already using it, the report finds that most rely on AI to strengthen their data, application and cloud security due to the technology’s ability to rapidly analyze vast amounts of data, identify patterns and predict potential breaches.

More than 60% of them reported a reduction of at least 5%, in their time-to-detect, and nearly 40% said their remediation time fell by 5% or more after implementing AI in their security operations centers (SOCs).

Three in five organizations surveyed (61%) believe AI to be essential to effective threat response, enabling them to implement proactive security strategies against increasingly sophisticated threat actors. In addition, the same proportion of respondents foresee Gen AI strengthening proactive defense strategies in the long term, anticipating faster threat detection. Over half of them believe also that the technology will empower cybersecurity analysts to concentrate more on strategy for combating complex threats.

“The use of AI and Gen AI has so far proved to be a double-edged sword. While it introduces unprecedented risks, organizations are increasingly relying on AI for faster and more accurate detection of cyber incidents. AI and Gen AI provide security teams with powerful new tools to mitigate these incidents and transform their defense strategies. To ensure they represent a net advantage in the face of evolving threat sophistication, organizations must maintain and prioritize continuous monitoring of the security landscape, build the necessary data management infrastructure, frameworks and ethical guidelines for AI adoption, and establish robust employee training and awareness programs,” said Marco Pereira, Global Head Cybersecurity, Cloud Infrastructure Services, Capgemini.

Methodology The Capgemini Research Institute surveyed 1,000 organizations that have either considered AI for cybersecurity or are already using it, across 12 sectors and 13 countries in Asia Pacific, Europe, and North America. They have annual revenues of $1 billion and over. The global survey took place in May 2024. Organizations surveyed represent a diverse range of sectors including automotive; consumer products; retail; banking; insurance; telecom; energy and utilities; aerospace and defense; high-tech; industrial equipment manufacturing; pharma and healthcare and public sector.

Last modified on Wednesday, 20 November 2024 06:44

PREVIOUS POST

Citi and Google Cloud Partner to Accelerate Digital Transformation with AI and Cloud Technology