Survey: Cybersecurity Teams Struggling to Keep Pace in the Age of AI
A survey of 1,100 cybersecurity and IT professionals published this week finds more than three quarters (76%) report their organization is struggling to keep pace with cyberattacks that have increased in both volume and sophistication.
Survey: Cybersecurity Teams Struggling to Keep Pace in the Age of AI
A survey of 1,100 cybersecurity and IT professionals published this week finds more than three quarters (76%) report their organization is struggling to keep pace with cyberattacks that have increased in both volume and sophistication.Conducted by the market research firm Vanson Bourne on behalf of CrowdStrike, the survey also finds 89% of respondents are now counting on artificial intelligence (AI) to close a growing gap between their organizations ability to combat threats and the latest tactics and techniques being adopted by adversaries.
CrowdStrike Field CTO for the Americas Cristian Rodriguez said the survey makes it clear that those adversaries are leveraging advances in automation and AI to launch phishing attacks that are not only harder to detect, but are also actively exploiting more vulnerabilities. Historically, the percentage of known vulnerabilities that were exploited was relatively small, but it appears that adversaries are now leveraging AI to develop more exploits faster, he said.In fact, nearly half of survey respondents (48%) now view AI-automated attack chains as the greatest ransomware threat. More troubling still, 85% said traditional detection methods for detecting these attacks are becoming obsolete, with 82% believing that generative AI makes phishing emails more difficult to identify, even for well-trained employees. Nearly half (45%) also said they fear cybersecurity teams can’t detect or respond as fast as AI-driven attacks can execute. A full 87% expect deepfake audio and video to become major attack vectors in the future.On the plus side, more than half (53%) said their organization uses AI-powered threat detection, with 48% relying on some form of AI-enhanced phishing detection. Unfortunately, less than a quarter (22%) said their organization can recover from a ransomware attack within 24 hours, with nearly 25% suffering significant disruption or data loss. Overall, well over three quarters (78%) report they were hit by a ransomware attack in the last 12 months, with 39% not being able to recover lost data.The survey makes it apparent that relying on data protection technologies to thwart a ransomware attack is not sufficient, largely because it still takes too long to recover data, noted Rodriguez.Worse yet, only 38% said the issue that allowed attackers to gain access in the first place has actually been fixed. Other actions taken in the wake of a ransomware attack include increased investments in cybersecurity (51%), improved detection and monitoring capabilities (47%), enhanced training and awareness programs (45%), upgraded incident response plans (42%), added new cybersecurity staff/consultants (39% and upgraded cyber insurance (39%).Adding insult to injury, caving into ransom demands doesn’t seem to make much of a difference either. A full 93% had data stolen anyway, with 83% of victims that paid ransoms being attacked again. A total of 21% paid ransom but were unable to recover all data. The most common initial point of compromise involving a phishing attack (45%), followed by vulnerability exploits (40%), supply chain compromise (35%), compromised credentials (33%), malicious downloads (32%), misuse of remote monitoring and management (RMM) tools (31%), and insider threats (27%).Overall, the average downtime cost per ransomware incident is estimated to be $1.7 million. Despite those costs, however, more than three quarters (76%) also said there is a disconnect between leadership and security teams regarding ransomware readiness even though 22% said their organization lost customers or business opportunities because of an incident.It’s clear that as the battle to thwart cyberattacks is being fought more in real time, the way organizations will need to defend themselves needs to evolve. The issue right now is adversaries are evolving their attack at a significantly faster pace than defenders.
About Author
