Generative AI, or GenAI, is hailed as a great tool; for the most part, it certainly is. I mean, with its ability to create new content and automate tasks, we can see why it is becoming increasingly accessible.
That said, the concept of democratized GenAI presents a double-edged sword. On the one hand, it allows professionals across all skill levels to leverage its capabilities. This translates to increased efficiency, innovation and problem-solving across various fields.
This same accessibility, however, makes GenAI a potential weapon for malicious actors. The ease of access and potentially lower costs compared to traditional cybercrime tools create a breeding ground for misuse. This is where CISOs play a critical role.
The reality is that this accessibility, coupled with the rising tide of cyberattacks (99% of CISOs reported an attack in the past six months, with 82% experiencing an increase), has placed significant pressure on CISOs. According to the recent "Mind of the CISO: Decoding the GenAI Impact" report by Trellix, nearly all respondents acknowledged this growing pressure, emphasizing the need to adapt to this evolving environment.
The good news? CISOs recognize the potential benefits of GenAI for cybersecurity. A majority are excited about its possibilities, and nearly half are already taking steps to secure their AI tools. This includes establishing AI committees for review and implementing governance frameworks with clear security standards.
“GenAI and AI have the potential to both disrupt and enhance security operations. As the acting gatekeepers – CISOs are under immense pressure,” said Harold Rivas, CISO, Trellix. “The CISO role is vital to the organization’s health. Navigating how to embrace AI while supporting the professionals leading our cyber defenses is mission-critical for all organizations and national security.”
The report also revealed specific challenges and solutions unearthed by CISOs:
Security threats are on the rise. Almost all respondents reported a cyberattack in the past six months, with 82% experiencing a rise in attacks. Despite the surge in attacks, there's optimism about AI's role in defense. Nearly all CISOs believe AI can protect their organizations from ransomware.
Another challenge that CISOs must overcome is that the cybersecurity industry faces a skills gap. The demand for employees with AI expertise adds another layer of complexity. This lack of qualified personnel has increased stress levels for CISOs, who now need to recruit new talent and train existing staff on AI technologies. This doesn’t help when current workloads are already demanding, with 91% of CISOs feeling they lack sufficient time to fully address the potential threats posed by these new technologies.
There is a glimmer of hope, if you want to call it that, for addressing staffing shortages. Almost 90% of respondents believe adopting GenAI can alleviate these issues. Importantly, all respondents agreed that any redundancies resulting from AI implementation wouldn't lead to job losses, but rather a shift in focus toward managing and overseeing GenAI tools. CISOs believe GenAI has the potential to improve workforce productivity by 38%.
While GenAI presents exciting opportunities for cybersecurity, it also demands careful consideration of potential risks. This goes back to the “double-edged sword” analogy used at the beginning of the article. By implementing security protocols and staying ahead of the latest AI trends as well as building a skilled workforce that can leverage these new tools, CISOs can make certain that GenAI becomes a force for good in the fight against cybercrime.
Edited by
Alex Passett
