In a recent study conducted by Ivanti, it has been revealed that the use of GenAI, a powerful tool, is posing a significant threat to organizations as it can be utilized by both security teams and malicious actors. The increasing use of GenAI in crafting phishing-related attacks has raised concerns among cybersecurity professionals.
According to Ivanti’s research, phishing emerged as the top threat that is escalating due to the adoption of GenAI, with 45% of survey participants highlighting its severity. Despite the importance of training in fortifying cyber defenses, many organizations have failed to adapt their training strategies to effectively combat AI-powered threats. While 57% of organizations rely on anti-phishing training to safeguard themselves against sophisticated social engineering attacks, only 32% consider this training to be highly effective.
GenAI is now being employed by attackers to create highly convincing content to deceive victims on a large scale and at a minimal cost. The potential of GenAI to personalize phishing messages based on publicly available data poses an even greater risk to organizations. As GenAI continues to evolve, it is imperative for cybersecurity professionals to deepen their understanding of its implications and develop new strategies to thwart malicious AI threats.
Robert Grazioli, CIO at Ivanti, emphasized the need for cybersecurity professionals to stay ahead of the evolving landscape of GenAI to prevent it from becoming a dominant threat. While GenAI offers opportunities for security teams to enhance threat detection, improve predictive capabilities, and enable real-time responses to emerging threats, a sizable 72% of organizations struggle with the isolation of IT and security data in silos.
Despite the significant power GenAI confers to threat actors, a notable 90% of respondents believe that it also offers substantial benefits to security teams. However, there is skepticism among security professionals regarding the benefits of AI tools for their roles, with one in three citing a lack of skill and talent as a major challenge. To address this gap, companies must focus on upskilling their cybersecurity teams through interactive learning opportunities and attack simulations.
The study surveyed over 14,500 executives, IT and security professionals, and office workers to gain insights into how organizations are managing AI in cybersecurity and the necessary measures needed to enhance defenses. As the use of AI tools continues to evolve, ongoing and continuously evolving training is crucial to ensure that employees are equipped to handle the evolving cybersecurity landscape effectively.
In conclusion, while GenAI presents both opportunities and threats in the cybersecurity realm, it is essential for organizations to adapt their strategies and invest in upskilling their employees to effectively combat the growing menace of AI-powered attacks. By staying proactive and agile in their approach to cybersecurity, organizations can better protect themselves against the evolving tactics of malicious actors leveraging GenAI.