Dive Brief:
- Artificial intelligence–powered attacks are the top concern of IT leaders today, the security firm 11:11 Systems said in a report published on Tuesday.
- Roughly three-quarters of the surveyed IT leaders said using AI could make their own organizations more vulnerable to cyberattacks, a figure that suggests the extent of tech professionals’ anxieties about the new technology’s underexplored risks.
- Nearly half (45%) of companies have already been attacked by hackers using AI to create phishing lures, the survey found.
Dive Insight:
Artificial intelligence has made it easier for hackers to craft convincing phishing messages, develop new malware and analyze potential targets. The technology can also help defenders spot anomalous activity more quickly, making it a potent tool for cyber defense. But as the data in the new 11:11 Systems report shows, many companies have experienced its harms more often than they have experienced its benefits.
In addition to the 45% of IT leaders who reported experiencing AI-based phishing attacks, 35% said their organizations had faced attacks from hackers using “autonomous and mutating malware.”
“IT and business leaders are very aware of how AI is changing the cybercrime landscape, and many have already felt its effects,” 11:11 Systems, a managed infrastructure provider, said in its report.
The company’s findings are based on a survey of more than 800 IT leaders at organizations with at least 1,000 employees in the U.S., the U.K., Canada, France, the Netherlands, Australia and Singapore.
Companies are divided in terms of how they respond to cyberattacks, with roughly a quarter handling the response fully in-house and roughly half using both in-house and outsourced teams. Another 16% have fully outsourced their recovery operations, while 7% of respondents said their organizations had no formal recovery plans.
The complexity of recovery planning, insufficient recovery budgets and a lack of in-house expertise topped the list of respondents’ recovery challenges.
More than 80% of respondents believed their organizations were overly confident in their ability to recover from an attack. Roughly half of those people said their organizations were taking steps to improve their preparedness. 11:11 Systems said those findings underscored “the need for continual improvement.”
