CISOs are still more worried about ransomware than AI-powered cyberattacks

News
By Benedict Collins
published

AI cyber attacks are concerning but not the main threat

Security
(Image credit: Shutterstock)

A new survey has found that a CISOs main concern continues to be ransomware, despite AI cyber attacks continuing to increase in severity.

The survey, conducted by ClubCISO in collaboration with Telstra Purple, found that ransomware attacks (67%) ranks higher than both software supply chain/third-party risks (64%) and software vulnerabilities (59%) as the biggest threat to organizations.

While AI-powered cyber attacks are gradually making their way onto the CISO radar, they are not currently forcing a change of priority, as the focus remains on the costly consequences of having data stolen or encrypted, especially as ransoms demanded continue to rise to higher and higher levels.

 Genuine threat or just a precaution?

But while AI-power cyber attacks aren’t high on the threat list just yet, 3 out of 5 (62%) of CISOs believe that the security industry is not ready to deal with such attacks, and that the risk of an AI-powered cyber attack having a significant effect on their business is at a critical or high level (63%).

This concern is not being reflected in cybersecurity spending however, with over three-quarters (77%) of respondents stating that AI has not prompted an increase in their budget. Some teams are reflecting this concern in other ways though, in the hiring of new staff, but this remains a minority with just 6% of CISOs searching for new hires with AI threat skill sets, and 7% looking for those with the skills to use AI as a defensive tool.

Commenting on the survey results, Rob Robinson, Head of Telstra Purple EMEA, said, “Our member survey highlights that, in contrast to some of the reporting we’ve seen around AI, CISOs are taking a measured, wait and see approach before making any significant investment decisions. While AI has the potential to augment a range of attack tactics, such as creating more compelling social engineering attacks, CISOs are clearly more concerned with threats as they stand today.”

“We’ve seen CISOs evolve to become strategic conductors, rather than technology and domain experts, in the past few years. The emergence of AI and the threat it poses are clearly being balanced with a range of technology, skills, risk, and macro-economic factors,” he concluded.

More from TechRadar Pro

Benedict Collins
Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but also likes to draw on his knowledge of geopolitics and international relations to understand the motivations and consequences of state-sponsored cyber attacks. Benedict has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham.