AI impact on data breach outcomes remains ‘limited’: Verizon

AI impact on data breach outcomes remains ‘limited’: Verizon

Dive Brief:

  • Despite fears, the recent waves of AI uptake have yet to require a cybersecurity overhaul, according to Verizon’s 18th edition of its Data Breach Investigations Report published Wednesday
  • AI-generated text in malicious emails has doubled in the past year, but the rate of successful phishing breaches stayed stable, the report found after analyzing more than 22,000 security incidents.
  • “While we’ve observed gradual adoption of these technologies, their impact on breach outcomes remains limited,” Chris Novak, VP of Verizon Global Cybersecurity Solutions, said in an email. “We are actively tracking AI developments but, currently, no breakthroughs necessitate major shifts in defensive strategies.”

Dive Insight:

Cybersecurity risks are a top concern for business leaders globally, especially as ongoing AI additions expand the attack surface and make techniques like phishing more accessible for novice bad actors. 

For now, however, the cybersecurity status quo remains relatively unchanged, but that could shift. 

“More traditional attacks, like exploiting software vulnerabilities, continue to be more prevalent,” Novak told CIO Dive. “We anticipate AI advancements on both the offensive and defensive fronts will likely progress in tandem as practical applications are explored.”

IT leaders still need to keep an eye on shadow AI within their organization. Verizon found a large number of employees using AI via a non-corporate email or without an integrated authentication system in place, suggesting unsanctioned use. 

Technology decision-makers should also begin to adapt protocols and upskill teams to address worries around AI’s risks. More than half of executives say the complexity of AI applications has weakened their company’s cybersecurity posture, and around 2 in 5 organizations don’t have the skills needed to secure workloads, according to a Flexential report

The cybersecurity market is poised to balloon as AI’s risks come into clearer view. Global cybersecurity spending is predicted to reach $338 billion by 2033, up from $152 billion in 2023, Bloomberg Intelligence analysts expect. 

Even as employers take a “wait-and-see” approach to hiring amid uncertain economic conditions, cybersecurity engineers and analysts are among the roles in highest demand, a CompTIA analysis of U.S. Bureau of Labor Statistics data found.


Source link