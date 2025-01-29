Sophos report finds firms are worried GenAI flaws could harm their cybersecurity

99% claim AI is essential when choosing a provider

Human-first approach appears to be key, Sophos says

The rise of artificial intelligence is coming at the expense of increased cybersecurity threats, and businesses are struggling to adapt, new research has claimed.

A report from Sophos revealed nine in 10 (89%) IT leaders worry that flaws in generative AI system could harm their businesses’ cybersecurity strategies.

Despite this, almost all (99%) IT leaders now consider AI capabilities essential when selecting a cybersecurity provider in the perfect example of fighting fire with fire.

AI’s role in cybersecurity

Artificial intelligence has given threat actors new powers, turning unskilled attackers into more sophisticated code creators, while making it harder for analysts to trace the origin of threats.

One in five respondents hoped AI will help them improve protection from cyberthreats, with 14% hoping for reduced employee burnout.

It all comes at a cost, though, with four in five believing that new AI tools embedded into their cybersecurity solutions will increase the cost of tools. Still, 87% believe the savings will outweigh the initial costs.

“We have not actually taught the machines to think; we have simply provided them the context to speed up the processing of large quantities of data,” Sophos Global Field CTO Chester Wisniewski said, adding firms should “trust but verify” GenAI tools.

An overwhelming majority (98%) of the companies surveyed now have some form of AI embedded into their cybersecurity infrastructure, but 84% are worried about the pressure to reduce workforces due to an over-reliance on the tech.

Wisniewski added: “The potential of these tools to accelerate security workloads is amazing, but it still requires the context and comprehension of their human overseers for this benefit to be realized.”

Looking ahead, Sophos calls for IT leaders to evaluate AI vendors for things like the quality and source of their training data, to establish measurable outcomes they hope to achieve from AI, and to adopt a human-first approach.