Hackers use GenAI to attack more frequently and effectively

• January 26, 2025

• Splunk CISO report lays out security team’s thoughts on 2024
• Report details the increase in GenAI in both cyberdefense and cyberattacks
• There’s a notable gap between the thoughts of board members and security experts

The rise of Generative AI (GenAI) in cybersecurity is continuing, with over half (52%) of CISOs prioritizing innovative with emerging technologies, although only a third (33%) of board members agree, new research has claimed.

The latest Splunk CISO Report outlines the priorities and opinions of industry professionals, noting how the cyber landscape is changing rapidly, but 41% of security leaders reported requirements are getting easier to keep up with, despite the increased effectiveness and frequency of cyberattacks.

GenAI is being used to protect businesses against threats from attackers, and CISOs use AI in identifying risks (39%) , threat intelligence analysis (39%), and threat detection and prioritization (35%) – as well as outlining the priorities for CISOs, here’s what we know.

Playing both sides

It’s no secret that GenAI is becoming an integral part of cybersecurity on both the defensive and offensive sides, with attackers using the technology for a range of purposes, including making existing attacks more effective (32%), increasing the volume of existing attacks (28%), and creating new types of cyber threats (23%).

The report illustrates a gap between CISOs and board members, not just in attitudes, but also in allocation, with only 29% of CISOs feeling they’re given an adequate budget to protect their firms, compared to 41% of boards believing their budgets are enough. This manifests as a serious risk factor, with nearly two-thirds (64%) of CISOs linking a lack of support to the cyberattacks they experience.

This isn’t the first report of a disconnect between, with many CISO’s feeling they don’t get the right level of respect from their board, with board members downplaying the severity of attacks and accusing CISOs of being ‘overly negative’.

But there are undoubtedly reasons to be concerned. Although AI is being used in cyber protections, it’s also making cyberattacks even smarter and more dangerous, and this is topping the list of concerns for CISOs, with 36% saying AI-powered attacks are their main concern, followed by cyber extortion (24%), and data breaches (23%).

“Individual employees play a critical role in protecting data. Phishing scams and insider threats are only getting more sophisticated. Whether a large enterprise or a small business, education and awareness across all departments need to be layered on top of AI-powered technologies that detect threats,” says Greg Clark, Director of Product Management, Data Security, OpenText Cybersecurity.

The skills shortage also continues to be a critical issue in tech, but 86% of respondents believe that AI can help fire more entry-level talent to navigate the ongoing cybersecurity skills gap, with 65% also believing AI will ‘allow seasoned security pros to be more productive’.

Overwhelmingly, security experts are joining together with compliance and legal teams to ramp up training, with 91% increasing security training for legal and compliance workers, and 90% providing legal and compliance training for security professionals – so the industry is taking steps to cover all bases.

Attack prevention

Cyberattack prevention is really the bread and butter for cybersecurity teams, but if you’re just starting out with a small business or want to be ultra safe, then here are a couple of top tips for maintaining cyber-hygiene.

First, and probably most importantly, is strong passwords and multi-factor authentication (MFA). Around 80% of data breaches come from poor password security, so this really is crucial. Make sure all company passwords are complex, varied, and as long as possible whilst still being memorable.

Implement password managers and authentication software to make sure employee passwords are secured, and ensure that a strong password policy is in place so that all workers understand the criteria for strong credentials and their importance.

Regular and comprehensive cybersecurity training for all employees is key in empowering your organization to recognize and mitigate potential threats. This should focus on educating employees in risk management and security controls, like antivirus software and firewalls – as well as the cybersecurity frameworks company-wide.

Increasingly important, is the assessment of third-party vendors for vulnerabilities. Businesses and organizations are inevitably connected and it’s virtually impossible for firms to operate without using any third party software vendors.

No matter how impenetrable your cybersecurity is, an attack on a third-party can leave you exposed, illustrated by the US Treasury’s ‘major incident’, a cyberattack originating from a compromised third party.

We know that budgets are tight, and cybersecurity isn’t always a priority, but ransomware attacks can easily cost an organization millions, and can have a knock on effect on customer and business partner trust, as well as reputation damage – so safe practices are a worthy investment.

You might also like

Source

Splunk CISO report lays out security team’s thoughts on 2024 Report details the increase in GenAI in both cyberdefense and cyberattacks There’s a notable gap between the thoughts of board members and security experts The rise of Generative AI (GenAI) in cybersecurity is continuing, with over half (52%) of CISOs…