In a recent survey conducted by Action1, it was found that while system administrators (sysadmins) acknowledge the potential of AI in cybersecurity, there are significant gaps in education, cautious organizational adoption, and insufficient AI maturity that hinder the widespread implementation of AI. This has led to mixed results and disruptions in approximately 16% of organizations.
Sysadmins have highlighted the top three areas for AI automation in the next two years as log analysis, server CPU and memory monitoring, and patch management. However, areas requiring human judgment, such as user rights administration, are deemed less likely to be automated by AI. Despite the potential identified by sysadmins, there is a persistent gap in AI literacy, with 60% of respondents acknowledging a lack of understanding in leveraging AI practically. Additionally, 72% expressed a need for training, and 45% were concerned about becoming obsolete in the job market due to their current level of AI literacy.
Mike Walters, President of Action1, emphasized the cautious approach organizations are taking towards AI implementation, with most projects focusing on a few IT areas and yielding mixed results. While AI is commonly implemented in log analysis and troubleshooting, the highest failure rates were reported in these areas. Failures in implementing AI for log analysis were reported in one out of every four organizations, mainly due to the complexity of logs and the challenges AI algorithms face in interpreting meaningful data from vast amounts of noise.
The study also found that AI led to critical disruptions in 16% of organizations, resulting in incorrect remediation steps, prolonged downtime, and reduced productivity. Despite the interest in AI, 80% of organizations do not require sysadmins to implement AI in their job roles, indicating a gap between recognizing AI’s potential and its mandated application.
To overcome these challenges, organizations are urged to invest in literacy and training programs, maintain a balance between AI and human expertise, introduce AI in low-risk areas, and continuously monitor its performance. It is evident that while AI holds great promise for enhancing cybersecurity practices, further education and training are essential for successful implementation and integration into organizational processes.