SAN FRANCISCO, RSAC 2024 -- Trellix today announced a new report, Mind of the CISO: Decoding the GenAI Impact, launched in partnership with leading bipartisan research organization and think tank, the Center for Strategic and International Studies (CSIS). The research reveals insights from a survey of 500 security executives in North America on how increasing GenAI and AI use is currently evolving the threat landscape and the CISO role to reshape the future of cybersecurity in the workplace.
“GenAI and AI have the potential to both disrupt and enhance security operations. As the acting gatekeepers - CISOs are under immense pressure,” said Harold Rivas, CISO, Trellix. “The CISO role is vital to the organization’s health. Navigating how to embrace AI while supporting the professionals leading our cyber defenses is mission-critical for all organizations and national security.”
The democratization of GenAI means it can be used by professionals at every skill level, bringing with it a range of benefits as well as potential risks and challenges. This same democratization makes GenAI capabilities easy to access and economical for malicious cyber actors. The role of the CISO has become even more essential as they’re looked upon to navigate this evolving landscape. With cyberattacks on the rise, AI pressures mounting, and responsibilities growing, it’s no surprise 90% of CISOs find themselves under increased pressure. Keeping pace with AI and GenAI is vital, and almost all respondents said their organizations could do more.
Increased risk is balanced with the recognized potential for GenAI to better strengthen and prepare their own cybersecurity measures, with 91% of CISOs expressing excitement over the prospects and opportunities. Paving the way for success, almost half of CISOs surveyed are already working to secure their AI tools, with 45% developing an AI committee to review AI tools as well as implementing governance, including security frameworks and standards.
Notable CISO insights shed light on the challenges along with the solutions GenAI and AI present in security operations:
- Increase in Attacks: 99% reported a cyberattack in the past six months, and 82% reported an increase in cyberattacks.
- Better Protection: 91% of CISOs agreed AI can help protect their organizations from ransomware.
- Increase in Stress: The cybersecurity skills gaps and the need to recruit new employees with AI experience and knowledge has increased stress levels, in addition to the requirement to train current employees on AI.
- Solving the Cyber Talent Gap: 89% of CISOs agree adopting and integrating GenAI tools will help address security operations staffing issues within their organization. CISOs also all agreed any redundancies as a result of GenAI would be repurposed within the organization focused on managing and overseeing GenAI tools.
- Demanding Workloads: Current demanding workloads see 91% of CISOs expressing they don’t have enough time to focus on the threat of these technologies.
- Increase in Productivity: On average, CISOs believe GenAI has or could improve the productivity of their organization’s workforce by 38%.
“CISOs’ concerns over shifting AI regulations have them asking policymakers for greater regulation around its use, with nearly all agreeing it’s needed in the next six months,” said James Lewis, SVP, Pritzker Chair, and Director, Strategic Technologies Program, CSIS. “This isn’t surprising given the inherent risks and current potential for increased exposure and liability in their role. There needs to be clear regulatory rules and compliance standards applicable across industries to help enable CISOs and their organizations to develop scalable solutions for global adoption.”
Learn more about Mind of the CISO: Decoding the GenAI Impact here. Additional insights will be shared in a live and virtual event hosted by Trellix and CSIS on Thursday, May 16, 1 - 2 PM ET.
Trellix’s Mind of the CISO initiative was launched last year to bring global attention to the needs of the CISO community, driving cybersecurity and AI best practices. Trellix continuously looks to support the global CISO community by engaging, listening, and advocating.
Additional Resources: