New Research Shows Accelerating AI Adoption is Critical to Public and Private Sector Resilience Against Evolving Cyber Threats
ALEXANDRIA, Va. – Eighty percent of cybersecurity decision makers say accelerating artificial intelligence adoption is critical to their organization’s resilience against evolving threats, but only 31 percent say their organization is using AI today, according to a new study from MeriTalk, government IT’s top digital platform, and RSA Conference, the world’s leading information security conferences and expositions.
“AI technologies, like machine learning (ML) and natural language processing (NLP), are not new to cybersecurity, but their applications are quickly evolving from optional enhancements to strategic necessities”
The study – which compiles qualitative data from five in-depth interviews with senior cybersecurity leaders, as well as quantitative data from 100 Federal and 100 private sector cybersecurity decision-makers, examines early cyber AI wins and asks cyber professionals how they want to work with AI going forward. While 86 percent feel human-AI collaboration will become the cornerstone of effective cybersecurity strategies, just one in five fully trust AI to automate cybersecurity decisions. When it comes to their ideal division of responsibilities, cyber leaders want humans to keep majority ownership of more nuanced efforts like strategic planning, innovation, and governance; while AI takes the lead on data-heavy efforts like cyber risk assessments and threat detection and response.
While most organizations view their current AI governance as adequate, critical policy gaps exist. Less than half have documented policies for decision-making models or formal ethical or program testing guidelines, and just 40 percent report policies specific to critical infrastructure. Additionally, just 30 percent feel their organization is well prepared to combat AI-driven cybersecurity threats. The challenges having the biggest impact on AI adoption are fears of increased attacks on new AI models, data, or services, a lack of a skilled workforce to implement, and data quality, integrity, or availability challenges.
“AI technologies, like machine learning (ML) and natural language processing (NLP), are not new to cybersecurity, but their applications are quickly evolving from optional enhancements to strategic necessities,” said Nicole Burdette, principal, MeriTalk. “We are already seeing AI users improve vulnerability detection and accelerate incident response times. The challenge for the next 6-12 months will be putting the right guardrails in place so organizations can maximize AI adoption and benefits while minimizing additional risk.”
“The impact of AI across our industry is seismic, and we’re clearly in the early days of understanding and adapting to the impact on teams and tools,” said Britta Glade, Vice President, Content & Curation, RSA Conference. “As evidenced in this research, the days and months ahead will be critical, and organizations must clearly and purposefully evaluate and define the boundaries and guardrails for how AI will be infused into workstreams and processes.”
When asked to envision the future of human-AI collaboration, cyber professionals relayed a mix of optimism and caution. While many see immense potential for innovation, efficiency, and improved security, concerns around safety, ethics, and responsible development remain.
To optimize AI’s cyber impact, the report recommends organizations:
- Start with increased human communication and collaboration
- Emphasize a culture of continuous learning
- Evaluate AI use cases by tech maturity, mission value, and risk
- Build in AI security from inception
- Be realistic about expectations
- Focus on thorough testing and evaluations
- Embrace change
The Art of Human and AI Teaming in Cybersecurity report is underwritten by Fortinet Federal and Maximus. The report has a margin of error of ±6.93 percent at a 95 percent confidence level. To review the full findings, visit: https://meritalk.com/study/art-of-human-and-ai-team-cybersecurity/?campaign=pr
About MeriTalk
The voice of tomorrow’s government today, MeriTalk is government IT’s top digital platform. Our award-winning editorial team and world-class events and research staff produces unmatched news, analysis, and insight. The goal: more efficient, responsive, and citizen-centric government. MeriTalk connects with an audience of 160,000 Federal community contacts. For more information, visit www.meritalk.com or follow us on X, @MeriTalk. MeriTalk is a 300Brand organization.
About RSA Conference
RSA Conference™ is the premier series of global events and year-round learning for the cybersecurity community. RSAC is where the security industry converges to discuss current and future concerns and have access to the experts, unbiased content, and ideas that help enable individuals and companies advance their cybersecurity posture and build stronger and smarter teams. Both in-person and online, RSAC brings the cybersecurity industry together and empowers the collective “we” to stand against cyberthreats around the world. RSAC is the ultimate marketplace for the latest technologies and hands-on educational opportunities that help industry professionals discover how to make their companies more secure while showcasing the most enterprising, influential, and thought-provoking thinkers and leaders in cybersecurity today. For the most up-to-date news pertaining to the cybersecurity industry visit www.rsaconference.com. Where the world talks security.