Change in the cybersecurity industry is inevitable, and 2024 brings upheaval in the form of geopolitical tensions, rigorous compliance requirements, and of course, the rapid acceleration of generative AI.
We explore these trends by taking the pulse of 1,650 security professionals in our newly released report, State of Security 2024: The Race to Harness AI. The research, which was conducted in partnership with the Enterprise Strategy Group, reveals the insights, aspirations, and challenges of security leaders across nine countries and 16 industries. We also explore the attack types and vectors that security teams struggle with the most. Turns out that we tend to fear the unknown, like AI-powered attacks – but the reality is humans are at the center of most threats.
We uncover a positive trend: the growing optimism of security leaders, despite the increasing complexity. Forty-one percent of organizations this year say cybersecurity is getting easier to manage, up 7% from last year and 24% from 2022. As a glass-half-full CISO, I embrace this optimism. Security teams are collaborating more with other departments like engineering and IT operations. Average MTTD has seen a major improvement, too; 55% say they detect disruption-causing incidents in 14 days or less, up from 28% last year. That growth is even more pronounced for organizations with extremely advanced security programs, who detect disruption-causing incidents over 60% faster than their peers.
However, we can’t claim complete victory yet, as attackers aren’t slowing down. Our research shows that data breaches and ransomware, in particular, have been steadily increasing since our first State of Security report in 2021. Additionally, as generative AI becomes a mainstay of cybersecurity, organizations will need to either adapt or risk falling behind.
In my 20 years of experience in cybersecurity, nothing has impacted the industry as much as AI – and our report uncovers the fears, realities, and predictions of its hopeful but uncertain future. Ninety-three percent of organizations are already using public generative AI tools. AI also surpassed cloud security this year as a top cybersecurity initiative.
As organizations race to capitalize on the benefits of generative AI, it’s on us as security professionals to protect against the risks it introduces. Those risks can come from within – for example, 77% say that data leakage will increase with the use of generative AI – or from threat actors that are harnessing that very technology without legal or ethical limitations.
In 2024 generative AI is in the Wild West, relatively unencumbered by policies or guardrails. While that ambiguity presents a certain allure, it also carries risk. What’s especially concerning is that 65% of security professionals surveyed admit to lacking education around generative AI and its implications. Additionally, 34% of organizations don’t have a generative AI policy, which is also concerning when you consider its massive adoption rate.
While respondents are split on whether generative AI will ultimately benefit defenders or adversaries, what’s clear is that security leaders will need to educate themselves and their teams on both the risks and benefits of generative AI so that defenders can maintain a competitive edge.
Generative AI isn’t the only thing putting more pressure on security leaders; new rules from the Securities and Exchange Commission (SEC) in the U.S. and the NIS2 Directive in the E.U. are holding security executives personally accountable for compliance violations in 2024. We found that 62% have already been impacted by these changing mandates that require the disclosure of material breaches.
These new regulations speed up reporting timelines of incidents, which will bring about both intended and unintended consequences. On the bright side, compliance, legal and security teams will be forced to collaborate more and be aligned with one another. On the other hand, it’s also instilling a very real fear into security executives that they could go to jail for a mistake they’ve made on the job. In fact, 76% of our respondents said that this risk is making cybersecurity a less attractive field.
That’s why it’s more important than ever for CISOs to speak the language of their board, and advocate for them to recognize cybersecurity risk as business risk. And more good news: nearly every organization surveyed (96%) said they’ll increase cybersecurity spending over the next two years, so it appears that sentiment is resonating. ]
Read the full report for more findings, including what sets leading organizations apart and recommendations from Splunk experts on how to be innovative and resilient in the age of AI.
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.