CISOs are still more worried about ransomware than AI-powered cyberattacks
AI cyber attacks are concerning but not the main threat
A new survey has found that a CISOs main concern continues to be ransomware, despite AI cyber attacks continuing to increase in severity.
The survey, conducted by ClubCISO in collaboration with Telstra Purple, found that ransomware attacks (67%) ranks higher than both software supply chain/third-party risks (64%) and software vulnerabilities (59%) as the biggest threat to organizations.
While AI-powered cyber attacks are gradually making their way onto the CISO radar, they are not currently forcing a change of priority, as the focus remains on the costly consequences of having data stolen or encrypted, especially as ransoms demanded continue to rise to higher and higher levels.
Genuine threat or just a precaution?
But while AI-power cyber attacks aren’t high on the threat list just yet, 3 out of 5 (62%) of CISOs believe that the security industry is not ready to deal with such attacks, and that the risk of an AI-powered cyber attack having a significant effect on their business is at a critical or high level (63%).
This concern is not being reflected in cybersecurity spending however, with over three-quarters (77%) of respondents stating that AI has not prompted an increase in their budget. Some teams are reflecting this concern in other ways though, in the hiring of new staff, but this remains a minority with just 6% of CISOs searching for new hires with AI threat skill sets, and 7% looking for those with the skills to use AI as a defensive tool.
Commenting on the survey results, Rob Robinson, Head of Telstra Purple EMEA, said, “Our member survey highlights that, in contrast to some of the reporting we’ve seen around AI, CISOs are taking a measured, wait and see approach before making any significant investment decisions. While AI has the potential to augment a range of attack tactics, such as creating more compelling social engineering attacks, CISOs are clearly more concerned with threats as they stand today.”
“We’ve seen CISOs evolve to become strategic conductors, rather than technology and domain experts, in the past few years. The emergence of AI and the threat it poses are clearly being balanced with a range of technology, skills, risk, and macro-economic factors,” he concluded.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
More from TechRadar Pro
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.