SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image

Businesses fear AI's role in rising cyberattack threats

Tue, 19th Nov 2024

Businesses are increasingly apprehensive about the use of artificial intelligence (AI) in cyberattacks, as revealed by a recent study conducted by Kaspersky.

The study found that 76% of surveyed companies reported an increase in cyber incidents over the past year. Almost half of these respondents, specifically 46%, believe many of the attacks could be AI-driven. This indicates a growing concern that AI is now a tool not only for innovation but also being leveraged by cybercriminals to enhance their threat capabilities.

Titled "Cyber defense & AI: Are you ready to protect your organization?", the Kaspersky study collated feedback from IT Security and Information Security professionals in small to medium enterprises and large corporations. Their responses highlight significant worries about AI-enhanced cyber threats.

Seventy-two percent of respondents viewed the potential misuse of AI by cybercriminals as a major concern. This sentiment is driving companies to rethink their cybersecurity strategies, emphasising proactive and comprehensive measures. The study indicates that regular training to build internal expertise is critical, with 92% of companies acknowledging its importance. Additionally, 91% value having highly qualified personnel, and 90% consider external cybersecurity expertise crucial. Adequate staffing in IT teams is also underscored by 88% of survey participants, alongside the use of third-party security solutions, which 86% support.

Despite these acknowledgements, the study revealed gaps in readiness among many organisations. Over half, around 57%, do not have the necessary external cybersecurity expertise, and 54% indicate that their IT teams are insufficiently staffed. Furthermore, 49% lack highly qualified personnel, and 52% fall short in executing regular training programmes. An alarming 53% of respondents also believe their current security solutions are inadequate, raising concerns about their vulnerability to AI-driven attacks.

Oleg Gorobets, Corporate Infrastructure Protection Expert at Kaspersky, commented on the current cybersecurity landscape, "The cybersecurity landscape today mirrors past challenges, with businesses questioning if current solutions suffice. Ransomware, once a primary threat, now demonstrates a dangerous surge, and business decision-makers start questioning the causes of this resurgence. The recent hype around AI offers an easy, if not entirely correct explanation. In reality, while using AI to create convincing phishing messages or more effective reconnaissance may be of some help, the root causes are most often more straightforward: cybercriminals have become more organized, better at collaborating, developing innovative attack strategies, and lowering the barriers for less skilled and resourceful attackers. So, while it's useful to keep an eye on AI progress that can enable both attackers and defenders with new options, there are solid strategies companies can — and should — implement immediately. Companies should prioritize securing critical IT infrastructure with robust, multi-layered solutions that offer a unified security context. An XDR ecosystem, combined with skilled expertise — whether in-house or through a managed service — can greatly enhance defenses. Additionally, ongoing employee training, including cybersecurity basics and safe AI practices, adds another critical layer of protection for the organization."

Kaspersky recommends businesses adopt robust, multi-layered protective solutions to secure every aspect of their IT networks. Solutions like the Kaspersky Next product line integrate advanced AI technologies to block emerging threats actively. Inter-compatibility of these solutions is crucial for providing a unified view of corporate security, with Kaspersky Next XDR Expert being highlighted as a suitable choice for an integrated approach.

For those lacking in-house expertise, Kaspersky suggests using Managed Detection & Response services alongside their Cybersecurity Training options. Enhancing employee awareness through tools like the Kaspersky Automated Security Awareness Platform can also strengthen an organisation's defensive perimeter by promoting cybersecurity-conscious behaviour.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X