Survey Surfaces Rising Number of AI Security Incidents
A global survey of 1,025 IT and security professionals finds that while organizations experienced an average of 2.17 cloud breaches over the past 18 months, only 8% were categorized as severe.
At the same time, however, with the rise of artificial intelligence (AI) there may be more significant challenges ahead. More than half of respondents (55%) said their organization is using AI within the context of a business workflow, with 34% reporting they have already experienced some type of AI-related breach.
Conducted by Tenable in collaboration with the Cloud Security Alliance (CSA), the survey finds the most common causes of AI-related breaches are exploited software vulnerabilities (21%), AI model flaws (19%), insider threats (18%), and misconfigured cloud settings (16%).
More worrisome still, only 26% conduct AI-specific security testing such as red teaming and even less classify and encrypt AI data (21%) or have adopted machine learning operations (MLOps) security practices (15%).
Liat Hayun, vice president of product and research at Tenable, said that it is apparent IT and cybersecurity teams are struggling to secure AI technologies as the pace of adoption continues to rapidly increase. In effect, AI workloads are expanding the overall size of the attack surfaces within already complex IT environments in ways that many cybersecurity professionals are not yet prepared to defend, she added.
Overall, the survey finds 82% of organizations now operate in hybrid environments, with 41% having a significant number of workloads running both on-premises and in the cloud. A total of 63% also have more than one cloud provider, with IT teams managing an average of 2.7 environments.
Unified security monitoring and risk prioritization (58%), cloud security posture management (CSPM) (57%), and extended detection and response (XDR) (54%) are the most commonly used controls across hybrid environments. Zero-trust architectures and maintaining least privilege for identities was the most selected cloud security priority for the next 12 months (44%).
At the same time, however, unclear strategy (39%), insufficient budget (35%), and resources being diverted to other priorities (31%) are all cited as key barriers to adoption for additional tools and platforms. Nearly a third (31%) also noted their executive leadership lacks sufficient understanding of cloud security risks, believe built-in cloud provider tools are good enough (20%), or assume the cloud provider is primarily responsible for securing the environment (15%)
In general, top cloud security concerns are misconfigured cloud services (33%), followed by excessive permissions (31%), lack of visibility (28%), complexity of the cloud environment (27%), and lack of contextual insights into risks, (23%) insider threats (20%) and compromised credentials (15%). The top challenges are misalignment between cloud and identity access management (IAM) teams (28% and enforcing least privilege (21%). However, 34% also noted their organization also lacks of cloud infrastructure security expertise
Finally, the most commonly tracked cloud security key performance indicators (KPIs) tracked are security incident frequency and severity (43%) and multifactor authentication (MFA) and single sign-on adoption (42%).
While it’s arguable that IT and security teams might be overestimating their ability to secure hybrid cloud computing environments, there is no doubt that AI workloads will put them to the test. After all, unlike cloud workloads, nearly every AI workload today represents a high-valued target that cybercriminals are going to find too tempting to ignore.
