Generative AI (GenAI) is becoming a cornerstone of cybersecurity, revolutionizing both defenses and threats. According to the latest Splunk CISO Report, over 52% of CISOs prioritize emerging technologies like GenAI to combat increasing cyber threats. However, the boardroom remains less aligned, with only 33% of board members supporting such initiatives, highlighting a disconnect in corporate priorities.
GenAI is playing a pivotal role in risk identification (39%), threat intelligence analysis (39%), and prioritizing threat detection (35%) for CISOs. However, cybercriminals are also exploiting AI to amplify their attacks, from making existing methods more effective (32%) to developing entirely new types of threats (23%).
Despite these advancements, CISOs report ongoing challenges. Nearly 64% of CISOs attribute a lack of adequate budget and board support to the frequency of cyberattacks their organizations face. While 41% of boards believe budgets are sufficient, only 29% of CISOs agree, creating a serious risk for organizations navigating increasingly sophisticated threats.
The rise of AI-powered cyberattacks is the top concern for 36% of CISOs, followed by worries about cyber extortion (24%) and data breaches (23%). Although AI is enhancing defensive tools, Greg Clark, Director of Product Management at OpenText Cybersecurity, emphasizes that education and employee awareness remain crucial. Phishing scams and insider threats, now bolstered by AI, demand robust training across all departments.
To address these challenges, security teams are ramping up cross-functional training, with 91% of organizations providing legal and compliance training to security professionals and vice versa. Furthermore, 86% of respondents believe AI could help bridge the cybersecurity skills gap by streamlining entry-level roles and increasing productivity for experienced professionals.
Preventing cyberattacks requires proactive measures. Strong passwords, combined with multi-factor authentication (MFA), remain the most effective defense against breaches, as 80% of data breaches stem from poor password security. Businesses should implement password managers and enforce robust password policies.
Organizations should also assess vulnerabilities in third-party vendors, as even the strongest internal defenses can be undermined by external breaches. The US Treasury’s recent “major incident” illustrates how third-party compromises can expose critical vulnerabilities.
While budgets may be constrained, investing in cybersecurity is non-negotiable. Ransomware attacks can cost organizations millions, eroding customer trust and damaging reputations. As threats become more advanced, adopting AI-driven solutions alongside employee education and robust cybersecurity practices is essential for mitigating risks and securing the future.