Over the past 18 months, AI has changed how we do many things in our work and professional lives — from helping us write emails to affecting how we approach cybersecurity. A recent Voice of SecOps 2024 study found that AI was a huge reason for many shifts in cybersecurity over the past 12 months. Interestingly, AI was both the cause of new issues as well as quickly becoming a common solution for those very same challenges.

The study was conducted with Deep Instinct and Sapio Research by surveying 500 senior cybersecurity professionals working for U.S. companies with at least 1,000 employees. The respondents worked in a wide range of industries, including financial services, technology, manufacturing, retail, healthcare and critical infrastructure, as well as in the public sector.

Shifting strategies to prevention due to AI

One of the biggest findings of the survey was that 75% of respondents had to change their cybersecurity strategies in the past year due to the rise in AI-powered cyber threats. The vast majority of professionals (97%) reported they were concerned that their organization could become victimized by AI-generated zero-day attacks.

The majority (73%) of professionals said that the shift involved moving toward a more proactive than reactive approach. Interestingly, more than half of the respondents (53%) said that the shift in approach came from their senior leaders. At the time of the survey, 42% were already taking a preventive approach through using predictive prevention platforms. Another 38% were looking into using these platforms.

As part of the overall shift in approach, many organizations are also providing security awareness and training programs (47%) and endpoint detection and response systems (41%). Other strategies include regular security audits (39%), collaborating with external experts (38%), and using other AI-based tools (20%).

Explore AI cybersecurity solutions

AI increasing stress and burnout for cybersecurity professionals

The survey also found that AI is increasing stress and burnout for cybersecurity professionals, which is already a top concern and a challenge for the industry. When asked whether their stress levels were worse this year than last, 66% said yes.

High stress levels in cybersecurity professionals can cause lower retention rates, which can negatively impact a company’s cybersecurity due to open positions and a lack of continuity.

Additionally, high stress can make recruiting harder because professionals leave the field or do not want to work at a high-stress organization. When someone leaves an incident response team, it typically takes six months on average before the replacement is a fully contributing team member, which also increases stress on existing team members.

However, when asked about the reason for increased stress and burnout, 66% responded that AI is responsible. Other causes included staffing/resource limitations, compliance/regulatory pressures, public scrutiny/reputation concerns and remote work challenges. Additionally, 29% said they were stressed over the fear that AI could take over their jobs.

Organizations are turning to AI to help reduce the stress levels caused by AI. About a third of organizations are planning AI tools to automate time-consuming and repetitive tasks to free up cybersecurity professionals for high-level tasks in an effort to reduce stress. Additionally, 35% said that moving to a prevention-focused approach would help lower their stress levels.

However, reducing burnout requires additional support. Organizations can help their teams learn to be more adaptable, such as by practicing for possible incidents, which can reduce stress through being prepared. Also, by building smaller teams, businesses can create a culture of relying on each other. Companies should prioritize mental health by providing resources and normalizing the use of these resources, especially after a cyberattack.

AI continues to evolve

As AI technology continues to improve and progress, the cybersecurity industry will continue to see impacts, and there will be shifts in how cyber criminals and cybersecurity professionals use their tools. By staying on top of new tactics and tools, cybersecurity professionals can take the most effective preventive approach while working to reduce stress.

More from Artificial Intelligence

How red teaming helps safeguard the infrastructure behind AI models

4 min read - Artificial intelligence (AI) is now squarely on the frontlines of information security. However, as is often the case when the pace of technological innovation is very rapid, security often ends up being a secondary consideration. This is increasingly evident from the ad-hoc nature of many implementations, where organizations lack a clear strategy for responsible AI use.Attack surfaces aren’t just expanding due to risks and vulnerabilities in AI models themselves but also in the underlying infrastructure that supports them. Many foundation…

The straight and narrow — How to keep ML and AI training on track

3 min read - Artificial intelligence (AI) and machine learning (ML) have entered the enterprise environment.According to the IBM AI in Action 2024 Report, two broad groups are onboarding AI: Leaders and learners. Leaders are seeing quantifiable results, with two-thirds reporting 25% (or greater) boosts to revenue growth. Learners, meanwhile, say they're following an AI roadmap (72%), but just 40% say their C-suite fully understands the value of AI investment.One thing they have in common? Challenges with data security. Despite their success with AI…

Will AI threaten the role of human creativity in cyber threat detection?

4 min read - Cybersecurity requires creativity and thinking outside the box. It’s why more organizations are looking at people with soft skills and coming from outside the tech industry to address the cyber skills gap. As the threat landscape becomes more complex and nation-state actors launch innovative cyberattacks against critical infrastructure, there is a need for cybersecurity professionals who can anticipate these attacks and develop creative preventive solutions.Of course, a lot of cybersecurity work is mundane and repetitive — monitoring logs, sniffing out…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today