Sponsored by Abnormal Security, IRONSCALES, and OpenText
Published November 2024
Executive summary
The cyberthreat landscape is transforming rapidly as threat actors exploit artificial intelligence (AI) to drive attack sophistication and evasion techniques. As a result, security leaders are increasingly turning to AI-powered defensive tools to effectively combat the growing volume and sophistication of AI-enabled attacks.
This report explores the evolving use of AI in both offensive and defensive cybersecurity operations, providing actionable insights based on recent survey data from 125 security leaders in the United States. Three conclusions stand out:
- AI is already a key enabler of advanced cyberattacks. Attackers are leveraging AI to automate and scale attacks, increase the evasion of current security controls, and accelerate attack velocity. Generative AI in particular is giving attackers the ability to create highly targeted, polymorphic phishing campaigns and more sophisticated malware strains that evade detection.
- Defenders are moving quickly but face challenges. While 80% of security leaders agree that AI is essential for countering malicious AI, the deployment of effective AI defenses remains uneven. Defensive AI technologies like behavioral analysis and semi-supervised machine learning are gaining traction, but cybercriminals maintain a clear lead in areas like generative adversarial networks (GANs).
- AI’s impact on cybersecurity professionals is transformative. AI offers the potential to automate routine tasks, freeing cybersecurity professionals to focus on strategic initiatives such as threat hunting, incident response, and defense hardening. However, there is still work to be done in integrating AI into a cohesive long-term cybersecurity strategy, with only 70.4% of leaders ranking strategic alignment as a high priority.