CIISec's annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders
By
A slender 54% majority of UK cyber security professionals believe threat actors stand to benefit more from artificial intelligence (AI) than they do, according to a report on sector attitudes compiled by the Chartered Institute of Information Security (CIISec).
All told, 89% of those who took part in the organisation's latest State of the security profession report said they thought AI would benefit attackers, compared with 84% who thought it would benefit the cyber security industry directly.
The study also exposed a lack of planning for AI among UK businesses, with 44% of cyber professionals saying their organisation was broadly unaware of the risks posed by AI and did not have sufficient policies in place to ensure it was being used safely – although despite this, 85% were at least considering the use of AI themselves.
The CIISec report showed that AI and machine learning will be the most influential technology in the security sector in 2025 by a country mile, with 51% agreeing, compared with zero trust, cited by just 7%, and security hygiene basics, also cited by 7% of respondents.
“Whilst the AI revolution will undoubtedly benefit many business functions, it's presenting more questions than answers for cyber security professionals. There's a huge risk of both cyber criminals weaponising the technology and employees with a lack of risk awareness inadvertently leaving their organisation vulnerable when using it,” said Amanda Finch, CEO of CIISec.
“The security industry needs to build knowledge of the threats posed by AI – particularly generative AI – whilst it's still in its relative infancy. Educating people just entering the industry and those looking to start a career in cyber will be particularly vital, as they'll be defending against AI attacks for decades to come. This will help to inform security practices and help cyber security professionals to educate the wider business about risk and safety.”
Beyond the cutting edge
As always, CIISec's annual report also explored broader security industry trends, where it found some areas of general improvement, but also much to be concerned about.
Whilst the AI revolution will undoubtedly benefit many business functions, it's presenting more questions than answers for cyber security professionals
Amanda Finch, CIISec
For example, average sector wages now stand at over £87,000, up £25,000 from its first such report covering the 2016-17 period – an indication that, for security professionals at least, earnings growth has not only kept up with, but outpaced inflation.
Security professionals also tended to believe that, as an industry, they were doing better at defending against and dealing with cyber incidents,
