October 10, 2023 By Chris McCurdy 3 min read

Generative AI (GenAI) is poised to deliver significant benefits to enterprises and their ability to readily respond to and effectively defend against cyber threats. But AI that is not itself secured may introduce a whole new set of threats to businesses. Today IBM’s Institute for Business Value published “The CEO’s guide to generative AI: Cybersecurity,” part of a larger series providing guidance for senior leaders planning to adopt generative AI models and tools. The materials highlight key considerations for CEOs with respect to the cybersecurity benefits that GenAI can bring, and the potential risks it can introduce, to their enterprises.

The guidance draws on insights from 200 C-suite leaders and reveals that despite substantial concerns over risks, enterprises are moving full steam ahead with GenAI adoption, eager to reap the rewards and efficiencies promised by GenAI innovation. Key highlights include:

  • Innovate first, secure later? Despite nearly all surveyed executives (94%) considering it important to secure AI solutions before deployment, 69% also say innovation takes precedence over security for GenAI.
  • AI security spend moving upwards: By 2025 AI security budgets are expected to be 116% greater than in 2021, with 84% of respondents saying they will prioritize GenAI security solutions over conventional ones.
  • GenAI viewed as a force multiplier for cyber workforce: 92% of surveyed executives say that, instead of being replaced, it is more likely their security workforce will be augmented or elevated to focus on higher-value work.
Register for the AI + Cybersecurity webinar

Generative AI becomes cybersecurity’s next big bet

As business leaders seek to drive more effective cybersecurity capabilities across their environments, they are expecting to spend more on generative AI-driven solutions. The overwhelming majority of survey respondents (84%) say they will prioritize generative AI security solutions over conventional ones, eager to see the promise of these innovations materialize.

The findings further emphasize the productivity gains that AI promises at the human and technology levels. Today’s AI maturity can help security analysts, empowering them to do more with less through intelligent assistants and speedier, more intuitive detection and response tools.

Survey respondents largely agreed that their workforce is the top area that would benefit from GenAI for security capabilities, with 52% of respondents saying generative AI solutions will positively impact their ability to develop and retrain security talent — an essential requirement amid an ever-evolving threat landscape. The majority of surveyed executives also viewed GenAI as an accelerator of digital trust with 52% indicating that GenAI will help establish easier user access management, permissions, and entitlement across their organizations. Similarly, 47% of executives say GenAI will help improve the time to detect and respond to cyber threats.

Explore the study

Generative AI adoption outpaces security and governance

Despite nearly all executives agreeing that it’s important to secure AI solutions before deployment, 69% say innovation takes precedence over security for GenAI. Rather than incorporating security considerations into innovation efforts, business leaders appear to be prioritizing development of new capabilities without addressing new security risks. This is even though 96% say adopting generative AI makes a security breach likely in their organization within the next three years.

While the survey takeaways suggest that business leaders fear they may lose a competitive edge or market lead by waiting for security to be baked into their AI-led business models, they are also concerned with increasing their risk exposure: nearly half of the study’s respondents voice concern about GenAI expanding their organizations’ attack surface. Specifically, 47% of those surveyed are concerned that adopting GenAI in operations will lead to new kinds of attacks targeting their applications, own AI models, data, or services.

It’s clear that when it comes to AI, we’ve crossed a new threshold: business leaders are eager to capitalize on the benefits promised by today’s innovations. In terms of security, they’re betting on new technologies to create more empowered, more productive teams. They’re looking for faster and more intuitive ways of working — whether detecting anomalies, managing risks, or responding to security incidents.

While many business leaders appear willing to accept the risk of insufficiently secured AI operations if it means they can evolve their business faster, security and technology leaders can take this as an opportunity to influence the conversation. It’s essential to understand that secure AI drives powerful AI outcomes, and that today we have the tools, processes, and strategies to help businesses establish secure AI business models as they embark on a dynamic journey of AI adoption.

Access “The CEO’s guide to generative AI: Cybersecurity” here.

Learn more about how IBM can help businesses accelerate their AI adoption securely here.

Learn more about how IBM is leveraging AI across its security portfolio here.

More from Artificial Intelligence

Risk, reward and reality: Has enterprise perception of the public cloud changed?

4 min read - Public clouds now form the bulk of enterprise IT environments. According to 2024 Statista data, 73% of enterprises use a hybrid cloud model, 14% use multiple public clouds and 10% use a single public cloud solution. Multiple and single private clouds make up the remaining 3%.With enterprises historically reticent to adopt public clouds, adoption data seems to indicate a shift in perception. Perhaps enterprise efforts have finally moved away from reducing risk to prioritizing the potential rewards of public cloud…

Is AI saving jobs… or taking them?

4 min read - Artificial intelligence (AI) is coming to take your cybersecurity job. Or, AI will save your job. Well, which is it? As with all things security-related, AI-related and employment-related, it's complicated. How AI creates jobs A major reason it's complicated is that AI is helping to increase the demand for cybersecurity professionals in two broad ways. First, malicious actors use AI to get past security defenses and raise the overall risk of data breaches. The bad guys can increasingly use AI-based…

Trends: Hardware gets AI updates in 2024

4 min read - The surge in artificial intelligence (AI) usage over the past two and a half years has dramatically changed not only software but hardware as well. As AI usage continues to evolve, PC makers have found in AI an opportunity to improve end-user devices by offering AI-specific hardware and marketing them as "AI PCs."Pre-AI hardware, adapted for AIA few years ago, AI often depended on hardware that was not explicitly designed for AI. One example is graphics processors. Nvidia Graphics Processing…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today