AI-based Security Innovations, Declining Successful Cyberattacks, and Rising IT Security Budgets Spur Cautious Optimism Among Cybersecurity Professionals
CyberEdge Group, a leading research and marketing firm serving the cybersecurity industry’s top vendors, today announced the publication of its 2024 Cyberthreat Defense Report (CDR). This year’s 10th anniversary special edition provides keen insights into how artificial intelligence (AI) is impacting the cybersecurity industry and how enterprises leverage IT security training to improve job satisfaction. It also spotlights the growing inclusion of cybersecurity experts on boards of directors. Further, the report reveals which cybersecurity technologies are in highest demand.
IT Security Teams Have the Upper Hand With AI… For Now
Artificial intelligence is both a blessing and a curse for IT security teams. While 97 percent of security professionals surveyed agree that AI will benefit security teams, 96 percent also believe it will benefit threat actors. However, when asked who will benefit more, 50 percent more respondents say they believe AI will give security teams the upper hand than those who believe threat actors will benefit more.
Security Professionals Feel Cautiously Optimistic
Several findings in this year’s CDR show that IT security leaders are feeling cautiously optimistic. The percentage of organizations victimized by a successful cyberattack declined for the third consecutive year, while the percentage of organizations victimized by a successful ransomware attack fell for the first time in CDR history. Nearly nine in 10 IT security operating budgets are rising, and at a record pace. Meanwhile, the percentage of security professionals who believe that a successful cyberattack is more likely than not in the coming year declined significantly.
“There’s no question that AI is having a profound impact on the way IT security teams mitigate cyber risks,” says Steve Piper, founder and CEO of CyberEdge Group. “AI is helping short-staffed security teams work smarter, rather than harder, to accomplish more with fewer resources. Although AI may have given security professionals the upper hand, for now, we must remain vigilant. Generative AI is already giving cyber adversaries new tools for creating better-written phishing emails and the means to create compelling deepfake images, videos, and audio. Investing in cybersecurity training for IT staff and security awareness training for all employees is more important than ever.”
Additional Key Findings
CyberEdge Group’s award-winning CDR is the standard for assessing organizations’ security posture, gauging the perceptions of IT security professionals, and ascertaining current and planned investments in IT security infrastructure – across all industries and geographic regions. The 2024 CDR yielded dozens of additional insights, including:
- Ransomware tides are turning. For the first time in five years, the percentage of organizations victimized by ransomware declined (from 73 percent to 64 percent) and the percentage of victims that paid ransoms fell below 50 percent. However, only 57 percent of victims that paid ransoms successfully recovered their data, down from 73 percent.
- AI threats are looming. More than four in 10 respondents believe that AI will improve threat actors’ abilities to discover weaknesses in cybersecurity defenses (45 percent), increase the sophistication of cyberthreats (42 percent), and empower threat actors to craft more-effective phishing and spear-phishing emails (41 percent).
- Boards with security experts. Six in 10 boards of directors have at least one member with a cybersecurity background.
- Cloud deployments are up. Forty percent of security applications and services are deployed via the cloud, up from 36 percent four years ago.
- Hottest security tech for 2024. The security technologies (by category) most widely planned for acquisition this year include next-generation firewalls (network security), deception technology (endpoint security), bot management (application and data security), and advanced security analytics (security management and operations).
- This year’s weakest links. Industrial control systems (ICS), application containers, and mobile devices top this year’s list of the IT components that are most challenging to secure.
- Feeling short-staffed. Nearly seven in eight organizations (86 percent) are experiencing a shortfall of security talent, with IT security administrators in greatest demand.
- Training is key. Cybersecurity training and certification are cited as the number one initiative to improve the job satisfaction of IT security professionals.
- Record security spending. The average IT security operating budget increased by 5.7 percent this year, an all-time CDR high.
Explore AITechPark for the latest advancements in AI, IOT, Cybersecurity, AITech News, and insightful updates from industry experts!