A new report drawing on insights from more than 1,200 cybersecurity professionals worldwide, reveals a rapidly widening divide between escalating cyberthreats and security teams’ ability to defend against them.
The study from Ivanti finds that security professionals are 2.4x more likely to believe defenders use AI as effectively as threat actors, if not more effectively. Additionally, that confidence level grows to 5.5x in favor of defenders using AI as effectively or more effectively than threat actors over the next 24 months.
To gain an edge, defenders must operationalize AI and automation in cybersecurity, but that remains limited. Although nearly all respondents (92 percent) say automation reduces their team’s mean time to respond, the use of AI across critical security functions varies: 53 percent of security teams utilize AI for cloud security policy enforcement, 44 percent employ it for incident response workflows, 43 percent for threat intelligence correlation, and just 42 percent for vulnerability response and remediation.
Caution remains around agentic AI, however, which not yet earned universal trust. Nonetheless, 87 of security professionals say integrating agentic AI, capable of making real-time decisions and acting independently, is a priority for their teams and 77 report at least some comfort with allowing autonomous AI systems to act without human oversight.
“Although defenders are optimistic about the promise of AI in cybersecurity, Ivanti’s findings also show companies are falling further behind in terms of how well prepared they are to defend against a variety of threats. This is what I call the ‘Cybersecurity Readiness Deficit’ — a persistent, year-over-year widening imbalance in an organizations’ ability to defend their data, people and networks against the evolving threat landscape. This challenge is intensified by the accelerating pace of technological change, particularly as organizations advance their SaaS transformation initiatives and the speed at which new technologies are adopted,” says Daniel Spicer, chief security officer at Ivanti. “Security leaders understand that time and people are their most valuable assets. Currently, AI tools are effective at automatically handling cyber hygiene tasks that can bog down IT teams and helping close some of the most common gaps in an organizations’ defense.”
Among other findings, 48 percent of security professionals say IT teams don’t respond urgently to cybersecurity concerns, while 40 percent believe IT lacks an understanding of their organization’s risk tolerance. This disconnect is particularly damaging for exposure management, which relies on collaboration between security and IT to connect technical exposure to business expectations.
The full report is available from the Ivanti site.
Image Credit: Twoapril Studio/Dreamstime.com
