Risk managers beware – generative AI spells serious concerns for security

Risk managers beware – generative AI spells serious concerns for security

Risk managers beware – generative AI spells serious concerns for security | Insurance Business America

Risk Management News

Risk managers beware – generative AI spells serious concerns for security

More than eight in 10 believe that deepfake tech will be used in future cyber attacks

Risk Management News

By
Kenneth Araullo

A recent study by cybersecurity consultancy Gemserv warns that the ever-evolving world of artificial intelligence poses new challenges for companies as it threatens to fuel more sophisticated cyber attacks.

The study highlights the growing concern among CISOs regarding the use of deepfake AI technologies in cyber attacks. A substantial 83% of respondents believe that generative AI will play a more significant role in future cyber attacks, with 38% expecting a significant increase and 45% anticipating a moderate rise in attacks utilising these technologies over the next five years. However, only 16% of respondents believe their organizations have an excellent understanding of these advanced AI tools.

“As the AI revolution transforms the landscape of cybersecurity, CISOs stand at the forefront of this change. AI is reshaping the contours of cyber defence by augmenting human capabilities, predicting threats, and fortifying organisations against the volatile cyber threat landscape,” said Mandeep Thandi, Gemserv director of cyber and privacy.

The evolving cyber threat landscape presents risk managers with a formidable challenge in predicting and preparing for attacks. However, the study revealed that 69% of organizations lack access to either security information and event management (SIEM) tooling or cyber threat intelligence, with 8% having neither.

More than three quarters (78%) of CISOs also believe the cyber threat landscape will become more complex and challenging over the next 12 months, while 83% expect more cyber attacks using generative AI tools.

See also  Consumers, businesses find Singapore insurers trustworthy – study

In this climate of uncertainty, risk managers face difficulties in securing budgets, making informed decisions, and recruiting and retaining the right talent. These obstacles underscore the urgency of investing in cybersecurity resources, including robust cyber threat intelligence, to proactively combat evolving threats.

The study also revealed that CISOs face challenges in advising senior leadership within their organisations, with 63% feeling that their senior leadership lacks a comprehensive understanding of imminent cybersecurity and privacy threats. Additionally, 69% of European CISOs and 61% of UK CISOs report a deficiency in cyber threat intelligence (CTI), hindering their ability to prioritise budgets and inform their boards about impending threats.

“CTI is vital for organisations as it provides proactive insights into potential cyber threats, enabling timely identification, risk assessment, and tailored defence strategies. It empowers organisations to stay ahead of adversaries, enhance incident response, and continuously improve their cybersecurity posture in the face of evolving cyber risk,” Thandi said.

Evolving regulations to combat evolving risks

Amidst these challenges, new regulations are on the horizon, with the European Union’s (EU) AI Act and the UK’s Data Protection and Digital Information (DPDI) Bill set to reshape the regulatory landscape. These regulations aim to clarify, manage risks, and strengthen rules around data quality, transparency, human oversight, and accountability.

Four in five of CISOs believe these new regulations will support their organisations’ growth and expansion of services. Notably, the EU’s AI Act distinguishes between high-risk and low-risk AI tools, ensuring that organisations maintain high standards of transparency and security.

While CISOs demonstrate unwavering resilience, the need for additional resources and support is palpable, the report noted. Budget constraints, talent shortages, communication gaps, and evolving cyber threats underscore the urgency of fortifying cybersecurity efforts.

See also  'Client-first, client-centric' – what's behind Sun Life Canada's big move?

What are your thoughts on this story? Please feel free to share your comments below.

Keep up with the latest news and events

Join our mailing list, it’s free!