Search
Close this search box.

How Will CISOs Be Impacted by the Proliferation of AI in Cybersecurity

How Will CISOs Be Impacted by the Proliferation of AI in Cybersecurity

The proliferation of AI has taken the world by storm, yet the impact on cybersecurity and the Chief Information Security Officers (“CISOs”) that manage it is mixed. Marching to an impressive sustained annual growth, which is expected to continue through the decade, AI can no longer be ignored for its potential benefits and risks.

As organizations embrace AI in a myriad of ways, including as a time-saver across departments in many areas of operations, a disturbingly low percentage of CISOs report relying on it in their day-to-day activities. This points to a disconnect between siloed departments and the primary parties responsible for ensuring the cybersecurity of the organization. Furthermore, there has been little, if any, training of employees in the appropriate and safe usage of generative AI in the workplace, a glaring shortcoming that can put an entire organization at risk.

Discipline and governing protocols around the use of AI are found to be lacking and CISOs have been slow in adapting to the excitement and embrace of emerging AI technologies and applications.

Furthermore, there has been little, if any, training of employees in the appropriate and safe usage of generative AI in the workplace, a glaring risk that can put an entire organization at risk.

CISOs are notoriously overworked and, in some cases, may potentially be held personally liable for errors or damages. With the rapidly evolving cyberthreat landscape, while challenging, it is absolutely critical that CISOs remain abreast of new developments in AI and address related security challenges accordingly. This will undoubtedly add to their workload and responsibilities as AI’s threats to security continue to mount.

While AI is being hailed for its obvious benefits, it is also providing opportunity for bad actors to leverage its power for nefarious purposes. Their tactics could, for example, lead to faster and more widespread phishing activities.

Through phishing, hackers can now bait potential victims with perfect accuracy, as opposed to previous attempts that were notoriously riddled with errors, typos, and inaccuracies. In addition, the use of deepfake AI technology is tripping up even the most seasoned of IT professionals, not to mention lower-level employees. Recently, a multinational suffered a $26 million loss when a deepfake video of their CFO conned staff into making what they thought were legitimate bank transfers. Another concerning trend that has emerged is the redirection of AI, causing the technology to malfunction, outputting incorrect content and information, and in many cases even damaging it. In effect, hackers can literally poison an AI system in a manner that will compromise an organization’s security and integrity. Without adequate awareness, training, governing protocols, and other security measures, more companies will remain at risk for these and other calamities.

In order to neutralize and counter threats of this nature as well as other developing risks, organizations must first understand the new AI landscape. For many non-tech administrators, the learning curve is significant and many report feeling intimidated or overwhelmed by the advent and propagation of AI. It is high time to bite the bullet and introduce broad education on generative AI–both its strengths and weaknesses–so that decision-makers can appropriately calculate their organizations’ risks and assign adequate budgets to governance, training, and technology that will more effectively secure their businesses. CISOs need their support, intellectually, managerially, and budgetarily in order to meet the threats arising from the rapid spread of AI on every level of operation. Without it, CISOs will impotently flounder in an ever-evolving sea of AI-powered advancement, unable to deflect attempts to destroy, malign, trick, and ultimately steal from their organizations. CISOs represent the front line of cybersecurity and it is imperative that they be robustly equipped with the education, tools, and comprehensive support necessary to keep their employers safe. Championing this support will take vision, courage, humility, and unwavering leadership. Time will tell who is up to the task.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other Insights from The Futurum Group:

Index Engines: Ensuring the Integrity and Recoverability of Data – Six Five On the Road at RSAC

The Futurum Group Announces Shira Rubinoff as President, Cybersphere

What is Autonomous Endpoint Management? – Six Five On The Road

Author Information

Shira Rubinoff

Acclaimed cybersecurity researcher and advisor, Shira is a global keynote speaker and presenter, and expert media commentator. She joined The Futurum Group in February 2024 as President, Cybersphere.

SHARE:

Latest Insights:

Sovereign Cloud Deployments: The Race Among Hyperscalers
Steven Dickens, Chief Technology Advisor at The Futurum Group, shares insights on Oracle’s US$6.5 billion investment in Malaysia's sovereign cloud. This move, alongside strategic hyperscaler partnerships, positions Oracle to lead in AI innovation and regulated cloud deployments.
VAST Data Adds to Its AI Capabilities With New InsightEngine Targeting RAG Workloads
Mitch Lewis, Research Analyst, Camberley Bates, CTA, and Mitch Ashley, CTA, at The Futurum Group share their analysis on the VAST Data’s InsightEngine with NVIDIA announcements.
Krista Case, Research Director at The Futurum Group, overviews NetApp Insight 2024.

Latest Research:

In our latest Research Brief, Leveraging Intelligence to Maximize the Value of CRM Data, completed in partnership with SugarCRM, we discuss how AI can be harnessed to deliver real-world benefits quickly through intelligent summarization and cover how SugarCRM is making this capability within its customer relationship management offering.
In our latest research report, Boost Efficiencies and Optimize Performance with Turnkey AI Enterprise Solutions, we examine how organizations can plan and build private AI solutions and why private AI addresses the growing demand for greater control over AI solutions, including protection and transparency.
In our latest research report, Achieve Better Economics and Performance Through Hybrid AI, we examine why the Lenovo Smarter AI for All portfolio and vision can meet the unique demands of selecting and implementing hybrid AI organization wide.