What do security pros want from generative AI?

Generative AI has promised a lot when it comes to improving cyber resilience and helping practitioners contend with evolving threats, but what do security pros actually think of the new technology?

Crowdstrike’s State of AI in Cybersecurity report surveyed 1,000 cybersecurity professionals to gauge their thoughts on generative AI and where they’re at in terms of implementing it in their organization.

The report found generative AI in security remains in its infancy, with only 6% of respondents stating they had already purchased or deployed a generative AI tool in their organization.

An additional 11% said they have decided on a purchase and were in the procurement process, whereas 47% of security pros said they were actively researching or evaluating and testing generative tools.

Notably, a significant proportion of security teams are very early in their ‘genAI buying journey’ with just under a third (32%) reporting they were still learning about generative AI tools before moving forward.

CrowdStrike said the study shows the majority of cyber professionals are excited about the new technology, with 68% claiming they intend to purchase some form of generative AI tooling for their organization in the next 12 months.

Furthermore, 63% of respondents said they would consider switching security vendors if their alternative offered generative AI tools on their platform.

Cyber pros want generative AI to reduce their response times

Responses from industry professionals indicated that the value of generative AI tools is linked to how they function within a broader technology ecosystem, with 80% of practitioners stating they would prefer it to be delivered through a platform versus point solutions.

Crowdstrike’s findings suggest despite low adoption rates, cyber professionals are bullish on the capacity of generative AI to positively impact their organization’s cyber resilience.

The top purchase driver for generative AI identified by the respondents was to improve their ability to detect and respond to attacks.

The second-most cited factor driving upcoming generative AI procurement was boosting operational efficiency, followed by using generative AI to mitigate the impact of skills shortages.

When asked what they were looking for in a vendor, the top three selection criteria were validated leadership in cybersecurity, expertise in incident response, and vendor-led threat intelligence, the report found.

Similarly, the top three security outcomes respondents said they were targeting were achieving a faster mean time to respond, improved detection fidelity, and reduced risk exposure.

Generative AI for security is not all smooth sailing

AI security tools promise to go a long way to helping cyber staff focus on the most pressing tasks, with businesses looking to free up security teams to proactively investigate threats.

But some stakeholders have voiced concerns over the potential long-term impact of the technology on the broader cybersecurity workforce. A study earlier this year warned that if security professionals use AI to automate the tasks they are usually bogged down with, there is a risk they may become overreliant on the tools and lose vital skills.

For example, one security use case for generative AI is that it can enable junior security analysts to reverse engineer obfuscated scripts in malicious software used by threat actors without the assistance of their senior counterparts.

One security expert told ITPro he felt there’s the potential that security engineers could end up relying entirely on their AI assistants and never actually build a rigorous understanding of how to complete the tasks.

Businesses should be wary of “sprinkling generative AI” across their IT estate, according to one cyber professional who argued that it can exacerbate complexity and could actually distract security workers from “what they really need to do, which is to defend”.

While much focus has been placed on the use of the technology in a defensive capacity, there are also growing concerns over its use by increasingly proficient threat actors.

Earlier this month, cyber experts told ITPro that there is a strong argument that although generative AI may improve cyber resilience through automation and operational efficiency, threat actors stand to gain more from the technology, using it to supercharge the volume of attacks they can launch in a short period of time.