AI Widens Cybersecurity Gap Between Attackers And Defenders

Generative AI (GenAI) is reshaping the cybersecurity landscape, driving advancements for defenders while empowering attackers to operate with greater efficiency and creativity, according to the latest Splunk CISO Report.

The report reveals how artificial intelligence is being harnessed on both sides of the cyber conflict, creating opportunities and challenges in equal measure.

The study highlights a growing disparity in priorities between board members and Chief Information Security Officers (CISOs). While 52% of CISOs are focused on adopting emerging technologies like GenAI, only 33% of board members share their enthusiasm.

This disconnect extends to budget allocation, with just 29% of CISOs believing they have sufficient funding to secure their organizations, compared to 41% of board members who think otherwise.

This lack of alignment is raising red flags, as nearly two-thirds (64%) of CISOs report that insufficient resources have contributed to cyberattacks on their organizations.

For cybercriminals, GenAI is proving to be a game-changer. It enables them to make existing attacks more effective (32%), increase attack volumes (28%), and create entirely new types of threats (23%).

On the defensive side, security teams are leveraging AI for tasks such as identifying risks (39%), analyzing threat intelligence (39%), and prioritizing threat detection (35%).

However, concerns about AI-powered attacks dominate among CISOs, with 36% identifying them as their primary worry, followed by cyber extortion (24%) and data breaches (23%). Greg Clark, Director of Product Management at OpenText Cybersecurity, emphasized the need for comprehensive training alongside AI-powered solutions.

“Phishing scams and insider threats are only getting more sophisticated. Whether a large enterprise or a small business, education and awareness across all departments need to be layered on top of AI-powered technologies that detect threats,” Clark said as reported by Tech Radar.

The cybersecurity skills gap remains a pressing issue, but AI is seen as a potential solution. A significant majority of respondents—86%—believe AI can assist in onboarding entry-level talent, while 65% see it enhancing the productivity of experienced professionals.

To address these challenges, organizations are ramping up security training for compliance and legal teams, with over 90% prioritizing cross-disciplinary education.

The report underscores the importance of maintaining robust cyber-hygiene practices, such as enforcing strong passwords, implementing multi-factor authentication, and assessing third-party vendors for vulnerabilities.