Splunk: Cybersecurity Dynamics Rapidly Changing
A survey of 1,520 cybersecurity and IT leaders published today found more than half (52%) reporting their organization suffered a data breach in the past two years, with 62% experiencing monthly unplanned downtime attributable to a cybersecurity incident.
The survey, conducted by Enterprise Strategy Group (ESG) on behalf of Splunk, also found that, on average, it takes 2.4 months to discover bad actors on corporate networks.
Over a third (39%) of the respondents said cybersecurity incidents have directly harmed their competitive position, with 31% also noting those incidents have reduced shareholder value.
As a result, cybersecurity budgets are increasing, with 95% of respondents reporting their security budgets will increase over the next two years, with 56% describing those increases as significant.
The survey also found 81% of respondents are working for organizations that are converging aspects of their security and IT operations. Respondents believe this convergence will help with the overall visibility of risks in their environment (58%) and will see improved cooperation in threat identification and response processes (55%).
Other initiatives include an increased focus on third-party risk assessments (95%), the survey found.
Ryan Kovar, distinguished security strategist for Splunk, said multiple factors are driving these investments, including the increased volume and sophistication of cybersecurity threats. Organizations are realizing they need to be able to defend against attacks in near-real-time as the time between when malware is created, launched and activated continues to narrow, he added. In fact, 91% of survey respondents noted that better capture and analysis of detection data is one of the most effective tools to prevent ransomware attacks.
Other factors include a need to improve the overall return on investment in cybersecurity during uncertain economic times and cyberinsurance firms require organizations to improve cybersecurity before being granted coverage, noted Kovar.
In addition, he noted that organizations rely more on modern zero-trust cybersecurity platforms that employ automation to help augment chronically short-staffed cybersecurity teams.
In the longer term, it’s apparent that every organization is locked in a cybersecurity artificial intelligence (AI) arms race. Cybercriminals will inevitably employ AI to reduce the time required to launch a well-crafted phishing attack using platforms such as ChatGPT. Nation-states will use large language models to discover more vulnerabilities and eventually write malware.
The only way to combat AI is, of course, with AI. Many cybersecurity teams have been taking advantage of machine learning algorithms to augment cybersecurity teams for several years. The next frontier is to employ the large language models used by generative AI platforms to analyze cyberattacks.
It’s not clear how long it might be before generative AI platforms play a larger role in cybersecurity. The adoption of machine learning algorithms to augment cybersecurity teams has been uneven, but as AI technologies continue to improve, it’s only a matter of time before more organizations rely on AI to defend themselves. The only question remaining is to what degree.
