Most Security Experts Sound Alarm On Generative Ais Double-Edged Benefits

Generative artificial intelligence (AI) is being weighed against its potential risks. A recent report by CrowdStrike surveyed 1,022 security researchers and practitioners from the U.S., APAC, EMEA, and other regions to understand their concerns about AI.

While 64% of respondents have either purchased generative AI tools for work or are researching them, the majority remain cautious. Only 6% are actively using these tools, indicating that many organizations are hesitant to adopt generative AI due to security concerns.

The report found that the highest-ranked motivation for adopting generative AI is not addressing a skills shortage or meeting leadership mandates, but rather improving the ability to respond to and defend against cyberattacks. This suggests that organizations see generative AI as a valuable tool in their fight against cyber threats.

However, the survey also revealed that security professionals are concerned about data exposure to the LLMs (large language models) behind AI products and attacks launched against generative AI tools. Other concerns include:

1. A lack of guardrails or controls in generative AI tools.
2. AI hallucinations (the production of incorrect or nonsensical information).
3. Insufficient public policy regulations for generative AI use.

To mitigate these risks, organizations must consider safety and privacy controls as part of any generative AI purchase. This can help protect sensitive data, comply with regulations, and minimize the risk of data breaches or misuse.

Generative AI can be used to enhance threat detection and analysis, automate incident response, detect phishing attempts, provide enhanced security analytics, and create synthetic data for training. However, despite its potential benefits, generative AI introduces new security risks that must be addressed.

Organizations must carefully evaluate the benefits and risks of using generative AI in their cybersecurity strategies. Measuring ROI (return on investment) is a top economic concern when adopting generative AI products, with cost optimization from platform consolidation and more efficient security tool use being the most important factor, followed by reduced security incidents, less time spent managing security tools, and shorter training cycles.

To leverage AI effectively, organizations should use generative AI for brainstorming, research, or analysis with the understanding that its information often must be double-checked. They can also pull data from disparate sources into one window in various formats, shortening the time it takes to research an incident. Utilizing automated security platforms with generative AI assistants, such as Microsoft’s Security Copilot, is another way to effectively leverage AI.

By adopting generative AI responsibly and with proper safeguards in place, organizations can protect against cyber threats and stay ahead of emerging risks.