Generative AI is going through a phase of immaturity, according to a recent survey. So, don’t be surprised if the next response you get from the still-growing tech tool is, you’re so unfair, ugggggh!
The findings, released on April 2 and implemented by Google Cloud and the Cloud Security Alliance, demonstrated that plenty of “cautiously optimistic” cybersecurity pros are using AI, but no clear winner has arrived for how tech-infused-with-automated-intuition will support a majority of defenders. Yet.
“Enough people have experimented and the knowledge of what use cases are robust is about to emerge,” Anton Chuvakin, Google Cloud’s security advisor at the office of the CISO, told IT Brew.
Survey said. The online survey, conducted in November 2023, polled 2,486 global IT and security professionals with questions regarding perceptions of AI in cybersecurity.
The questionnaire included questions like:
- Will AI improve security within your organization? (63% of respondents said yes.)
- Are you concerned about the potential risks of overreliance on AI for cybersecurity? (51% were concerned.)
- To what extent is your leadership informed of the implications AI has on security? (28% said fully aware; 46% said moderately aware.)
CSA’s broad definition of “AI” included machine-based technologies designed to make predictions, recommendations, and decisions, like natural-language processing tools; generative AI, deep learning using neural networks, and large language models.
Everybody’s doing it! Almost seven in 10 (67%) of the CSA’s respondents said they’ve already tested AI for security-specific purposes.
“This significant percentage suggests that AI integration into cybersecurity is not just a concept but a practical reality for many,” the report read. (Some cited examples: rule creation, attack simulation, and compliance violation detection.) The use cases, according to the study, were “fairly evenly distributed, indicating the potential for AI to have multiple beneficial applications.”
Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
“We’re not seeing a clear winner,” Hillary Baron, senior technical director of research and analytics at the CSA, told IT Brew.
Tim Chase, global field CISO at the cloud-security company Lacework, has seen cybersecurity professionals using generative AI to assist with recommendation and remediation efforts: a Python script that pulls cloud-utilization data from AWS, for example, or a fix for code defects.
“Security and gen AI, those two combined together, the best is yet to come. I think we haven’t hit our stride in security to really know how to best utilize gen AI,” Chase told IT Brew.
The CSA report registered some of Chase’s sentiment, who said he is “cautiously optimistic.” About 34% of surveyed pros believe AI will primarily benefit security teams, while 31% saw AI offering equal benefits to defenders and attackers.
A June 2023 KPMG study of 300 global executives and senior leaders found that 72% of the surveyed IT professionals said cybersecurity applications will be a top priority for generative AI adoption. Over six in 10 (64%) respondents noted that they expected to implement generative AI in the next 6 to 12 months, and 63% saw cybersecurity as the biggest potential area for the technology.
Chuvakin has seen multiple reports about how companies are using generative AI for security purposes. “Here’s the punch line. A lot of [the data] doesn’t match,” Chuvakin said.
For now. Chuvakin sees a technology that’s about to grow up.
“I feel like we’re on the cusp of [discovering] the use cases. That’s why I think the optimism is not misplaced. Ultimately, there will be robust use cases for gen AI and security,” he said.