October 10, 2023 By Chris McCurdy 3 min read

Generative AI (GenAI) is poised to deliver significant benefits to enterprises and their ability to readily respond to and effectively defend against cyber threats. But AI that is not itself secured may introduce a whole new set of threats to businesses. Today IBM’s Institute for Business Value published “The CEO’s guide to generative AI: Cybersecurity,” part of a larger series providing guidance for senior leaders planning to adopt generative AI models and tools. The materials highlight key considerations for CEOs with respect to the cybersecurity benefits that GenAI can bring, and the potential risks it can introduce, to their enterprises.

The guidance draws on insights from 200 C-suite leaders and reveals that despite substantial concerns over risks, enterprises are moving full steam ahead with GenAI adoption, eager to reap the rewards and efficiencies promised by GenAI innovation. Key highlights include:

  • Innovate first, secure later? Despite nearly all surveyed executives (94%) considering it important to secure AI solutions before deployment, 69% also say innovation takes precedence over security for GenAI.
  • AI security spend moving upwards: By 2025 AI security budgets are expected to be 116% greater than in 2021, with 84% of respondents saying they will prioritize GenAI security solutions over conventional ones.
  • GenAI viewed as a force multiplier for cyber workforce: 92% of surveyed executives say that, instead of being replaced, it is more likely their security workforce will be augmented or elevated to focus on higher-value work.
Register for the AI + Cybersecurity webinar

Generative AI becomes cybersecurity’s next big bet

As business leaders seek to drive more effective cybersecurity capabilities across their environments, they are expecting to spend more on generative AI-driven solutions. The overwhelming majority of survey respondents (84%) say they will prioritize generative AI security solutions over conventional ones, eager to see the promise of these innovations materialize.

The findings further emphasize the productivity gains that AI promises at the human and technology levels. Today’s AI maturity can help security analysts, empowering them to do more with less through intelligent assistants and speedier, more intuitive detection and response tools.

Survey respondents largely agreed that their workforce is the top area that would benefit from GenAI for security capabilities, with 52% of respondents saying generative AI solutions will positively impact their ability to develop and retrain security talent — an essential requirement amid an ever-evolving threat landscape. The majority of surveyed executives also viewed GenAI as an accelerator of digital trust with 52% indicating that GenAI will help establish easier user access management, permissions, and entitlement across their organizations. Similarly, 47% of executives say GenAI will help improve the time to detect and respond to cyber threats.

Explore the study

Generative AI adoption outpaces security and governance

Despite nearly all executives agreeing that it’s important to secure AI solutions before deployment, 69% say innovation takes precedence over security for GenAI. Rather than incorporating security considerations into innovation efforts, business leaders appear to be prioritizing development of new capabilities without addressing new security risks. This is even though 96% say adopting generative AI makes a security breach likely in their organization within the next three years.

While the survey takeaways suggest that business leaders fear they may lose a competitive edge or market lead by waiting for security to be baked into their AI-led business models, they are also concerned with increasing their risk exposure: nearly half of the study’s respondents voice concern about GenAI expanding their organizations’ attack surface. Specifically, 47% of those surveyed are concerned that adopting GenAI in operations will lead to new kinds of attacks targeting their applications, own AI models, data, or services.

It’s clear that when it comes to AI, we’ve crossed a new threshold: business leaders are eager to capitalize on the benefits promised by today’s innovations. In terms of security, they’re betting on new technologies to create more empowered, more productive teams. They’re looking for faster and more intuitive ways of working — whether detecting anomalies, managing risks, or responding to security incidents.

While many business leaders appear willing to accept the risk of insufficiently secured AI operations if it means they can evolve their business faster, security and technology leaders can take this as an opportunity to influence the conversation. It’s essential to understand that secure AI drives powerful AI outcomes, and that today we have the tools, processes, and strategies to help businesses establish secure AI business models as they embark on a dynamic journey of AI adoption.

Access “The CEO’s guide to generative AI: Cybersecurity” here.

Learn more about how IBM can help businesses accelerate their AI adoption securely here.

Learn more about how IBM is leveraging AI across its security portfolio here.

More from Artificial Intelligence

Cloud Threat Landscape Report: AI-generated attacks low for the cloud

2 min read - For the last couple of years, a lot of attention has been placed on the evolutionary state of artificial intelligence (AI) technology and its impact on cybersecurity. In many industries, the risks associated with AI-generated attacks are still present and concerning, especially with the global average of data breach costs increasing by 10% from last year.However, according to the most recent Cloud Threat Landscape Report released by IBM’s X-Force team, the near-term threat of an AI-generated attack targeting cloud computing…

Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models

4 min read - With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook.With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, businesses need to know exactly where their vulnerabilities lie. Given the remarkable pace at which they’re adopting gen AI, there’s a good chance that some of those vulnerabilities lie in AI models themselves — or the data used to…

Security roundup: Top AI stories in 2024

3 min read - 2024 has been a banner year for artificial intelligence (AI). As enterprises ramp up adoption, however, malicious actors have been exploring new ways to compromise systems with intelligent attacks.With the AI landscape rapidly evolving, it's worth looking back before moving forward. Here are our top five AI security stories for 2024.Can you hear me now? Hackers hijack audio with AIAttackers can fake entire conversations using large language models (LLMs), voice cloning and speech-to-text software. This method is relatively easy to…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today