Information Technology leaders across the globe are worried that vulnerabilities in artificial intelligence (AI) powered cybersecurity tools could expose their companies to risks.
This is according to Sophos in a new report, where it revealed that despite 65 per cent of organisations adopting generative artificial intelligence (GenAI) capabilities, 89 per cent of IT leaders across the globe are currently in a state of worry.
The report, ‘Beyond the Hype: The Business Reality of AI for Cybersecurity’, surveyed 400 IT leaders on the use of AI-driven security solutions. Findings suggested that while AI is widely embedded in cybersecurity infrastructure, as 98 per cent of organisations surveyed confirmed its use, the concerns about over-reliance on AI remain high.
In addition to this report, new research from Sophos X-Ops, titled “Cybercriminals Still Not Getting on Board the AI Train (Yet),” found a growing but cautious adoption of AI by cybercriminals.
Sophos X-Ops analysed underground hacking forums and discovered that while many criminals remain sceptical of GenAI, some have started using it to automate tasks like bulk email generation and data analysis.
Others are integrating it into spam and social engineering toolkits, increasing the scale and efficiency of their attacks. Global Field CTO at Sophos, Chester Wisniewski, emphasised the importance of human oversight, saying: “The potential of GenAI to accelerate security workloads is amazing, but it still requires human oversight to ensure its effectiveness. We haven’t taught machines to think; we’ve just given them the ability to process large amounts of data faster.”
According to the report, one of the biggest concerns raised in the survey is the potential reduction in cybersecurity jobs due to misplaced confidence in AI’s capabilities.
It added that 87 per cent of IT leaders worry that organisations could lose cybersecurity accountability by relying too much on AI, while 84 per cent are concerned about pressure to cut cybersecurity headcount due to unrealistic expectations of AI replacing human operators.
The report further showed that the size of an organisation influences its AI priorities. For instance, it noted that larger organisations (1,000+ employees) prioritise improving security protection.
Smaller organisations (50-99 employees) see AI’s main benefit as reducing employee burnout.
According to the report, while 80 per cent of IT leaders believe GenAI will increase the cost of cybersecurity tools, many see long-term financial benefits.
The report observed that 75 per cent agree that GenAI’s costs are difficult to quantify. However, 87 per cent believe that GenAI savings will offset these costs, making cybersecurity more cost-efficient over time.
Meanwhile, experts believe that AI in cybersecurity presents both opportunities and risks. While GenAI has the potential to enhance security, automate processes, and reduce burnout, IT leaders remain wary of its limitations, costs, and potential to replace human expertise.
