Artificial Intelligence Gives Security Teams the Upper Hand, “2024 Cyberthreat Defense Report” Finds
April 16 2024 - 6:00AM
Business Wire
AI-based Security Innovations, Declining
Successful Cyberattacks, and Rising IT Security Budgets Spur
Cautious Optimism Among Cybersecurity Professionals
CyberEdge Group, a leading research and marketing firm serving
the cybersecurity industry’s top vendors, today announced the
publication of its 2024 Cyberthreat Defense Report (CDR). This
year’s 10th anniversary special edition provides keen insights into
how artificial intelligence (AI) is impacting the cybersecurity
industry and how enterprises leverage IT security training to
improve job satisfaction. It also spotlights the growing inclusion
of cybersecurity experts on boards of directors. Further, the
report reveals which cybersecurity technologies are in highest
demand.
IT Security Teams Have the Upper Hand With AI… For
Now
Artificial intelligence is both a blessing and a curse for IT
security teams. While 97 percent of security professionals surveyed
agree that AI will benefit security teams, 96 percent also believe
it will benefit threat actors. However, when asked who will benefit
more, 50 percent more respondents say they believe AI will give
security teams the upper hand than those who believe threat actors
will benefit more.
Security Professionals Feel Cautiously Optimistic
Several findings in this year’s CDR show that IT security
leaders are feeling cautiously optimistic. The percentage of
organizations victimized by a successful cyberattack declined for
the third consecutive year, while the percentage of organizations
victimized by a successful ransomware attack fell for the first
time in CDR history. Nearly nine in 10 IT security operating
budgets are rising, and at a record pace. Meanwhile, the percentage
of security professionals who believe that a successful cyberattack
is more likely than not in the coming year declined
significantly.
“There’s no question that AI is having a profound impact on the
way IT security teams mitigate cyber risks,” says Steve Piper,
founder and CEO of CyberEdge Group. “AI is helping short-staffed
security teams work smarter, rather than harder, to accomplish more
with fewer resources. Although AI may have given security
professionals the upper hand, for now, we must remain vigilant.
Generative AI is already giving cyber adversaries new tools for
creating better-written phishing emails and the means to create
compelling deepfake images, videos, and audio. Investing in
cybersecurity training for IT staff and security awareness training
for all employees is more important than ever.”
Additional Key Findings
CyberEdge Group’s award-winning CDR is the standard for
assessing organizations’ security posture, gauging the perceptions
of IT security professionals, and ascertaining current and planned
investments in IT security infrastructure – across all industries
and geographic regions. The 2024 CDR yielded dozens of additional
insights, including:
- Ransomware tides are turning. For the first time in five
years, the percentage of organizations victimized by ransomware
declined (from 73 percent to 64 percent) and the percentage of
victims that paid ransoms fell below 50 percent. However, only 57
percent of victims that paid ransoms successfully recovered their
data, down from 73 percent.
- AI threats are looming. More than four in 10 respondents
believe that AI will improve threat actors’ abilities to discover
weaknesses in cybersecurity defenses (45 percent), increase the
sophistication of cyberthreats (42 percent), and empower threat
actors to craft more-effective phishing and spear-phishing emails
(41 percent).
- Boards with security experts. Six in 10 boards of
directors have at least one member with a cybersecurity
background.
- Cloud deployments are up. Forty percent of security
applications and services are deployed via the cloud, up from 36
percent four years ago.
- Hottest security tech for 2024. The security
technologies (by category) most widely planned for acquisition this
year include next-generation firewalls (network security),
deception technology (endpoint security), bot management
(application and data security), and advanced security analytics
(security management and operations).
- This year’s weakest links. Industrial control systems
(ICS), application containers, and mobile devices top this year’s
list of the IT components that are most challenging to secure.
- Feeling short-staffed. Nearly seven in eight
organizations (86 percent) are experiencing a shortfall of security
talent, with IT security administrators in greatest demand.
- Training is key. Cybersecurity training and
certification are cited as the number one initiative to improve the
job satisfaction of IT security professionals.
- Record security spending. The average IT security
operating budget increased by 5.7 percent this year, an all-time
CDR high.
About the CDR
In November 2023, 1,200 IT security decision makers and
practitioners completed a 27-question online survey. Each
participant is employed by a commercial or government entity with
at least 500 employees, located in one of six geographic regions:
North America, Europe, Asia Pacific, the Middle East, Latin
America, and Africa.
The CDR gauges perceptions about cyberthreats and ascertains
future plans for improving security and reducing risk. The report
empowers IT security professionals to benchmark their company’s
security posture, operating budget, product investments, and best
practices against peers in their industry and geographic
region.
The 2024 CDR is supported by leading information security
vendors:
- Platinum sponsors: Cloudflare, CyberArk, Google Cloud, Imperva,
ISC2, and Proofpoint
- Gold sponsors: BlueCat Networks, Delinea, OpenText, SailPoint,
ThreatX, and Tufin
- Silver sponsors: Axiad, Legit Security, Netwrix, Phosphorus,
Picus Security, and Reveal Security
Now available
The 2024 Cyberthreat Defense Report is available from all
sponsors or by visiting the CyberEdge Group website at
www.cyber-edge.com/cdr.
About CyberEdge Group
CyberEdge Group is an award-winning research and marketing
consulting firm serving the diverse needs of the cybersecurity
vendor community. Headquartered in Annapolis, Maryland, with 40+
consultants based across North America, CyberEdge works with
approximately one in every five IT security software and service
providers. The company’s annual Cyberthreat Defense Report provides
information security decision-makers and practitioners with
practical, unbiased insight into how enterprises and government
agencies defend their networks in today’s complex cyberthreat
landscape. For more information, visit www.cyber-edge.com.
The CyberEdge Group name and logo are trademarks of CyberEdge
Group, LLC in the United States and other countries. All other
trademarks and service marks are the property of their respective
owners.
View source
version on businesswire.com: https://www.businesswire.com/news/home/20240416218995/en/
Media Contact: Leslie Kesselring Kesselring
Communications 503-358-1012 Leslie@kesscomm.com CyberEdge Group
Contact: Steve Piper CEO CyberEdge Group 443.603.1500
steve.piper@cyber-edge.com