Mining Technology

“A bumpy ride” for cybersecurity as AI poses new threats – GlobalData report

AI-driven cyberattacks are changing the cybersecurity needs of businesses, with the majority facing increasing talent shortages.

AI-led attacks mean that the cybersecurity sector is in for “a bumpy ride for the next two to three years”, according to GlobalData’s new cybersecurity report.

The report states that the cybersecurity market is set to be worth $290bn by 2027, but highlights that concerns around AI’s potential – both for cybersecurity and cybercrime – are significantly impacting the market. Businesses looking to adapt to new threats have faced an additional challenge: the talent shortage.

The report also notes that in 2024, cyber investments will comprise 14% of total IT, operational technology and automation budgets, up from 11% in 2023.

AI in particular is causing increasing anxiety around cybersecurity, offering a tool by which cybercriminals can improve phishing emails, and quickly send out thousands of carefully targeted messages to a higher number of potential victims.

“Organisations have had to learn how to cope with cyberattacks that deliberately target enterprise technology, such as networks, cloud storage, and endpoint devices,” according to the report.

“Now, they must respond to AI attacks that can adapt to a specific environment, seek out its weaknesses, and exploit them. One possibility is that cybercriminals will seek to create and deploy large language models (LLM) trained on existing malware code,” notes the report.

However, there is also the potential for AI to have a positive impact on businesses, by identifying signals of an incoming cyberattack. The report notes the example of IBM, which reported that organisations using AI and automation in their cybersecurity arsenal were able to contain a breach in 214 days, 108 days shorter than organisations which did not.

The cybersecurity sector has another pain point which is causing problems: a talent shortage. The International Information System Security Certification Consortium (ISC2) reported, in October 2023, that the workforce gap had reached four million, a 9% increase from 2022. The Information Systems Audit and Control Association (ISACA) shared research in October 2023 that revealed 59% of cybersecurity teams were understaffed.

GlobalData’s report predicts consistently increasing demand for cybersecurity talent, noting that, as almost all businesses are now dependent on technology, securing systems against potential threats is now “a relentless task”.

As businesses across all sectors look to adapt to an AI-led security environment, there will be a shift in the roles of cybersecurity professionals. In February 2024, an ISC2 report revealed that 88% of cybersecurity professionals expect AI will impact their jobs, but 82% believed that AI would make their jobs more efficient, whilst 56% believed it would free up time by taking over menial tasks.