This time just a year ago the world was only beginning to hear about ChatGPT, which launched on November 30, 2022. A year later, “generative AI” has taken the world by storm, for both good and ill. This meteoric rise has led companies to have to very quickly scale their policies, use cases and rules around what this technology can and should be used for — and what it absolutely shouldn’t. 

In a recent survey by Axonius, just over three-quarters (76 percent) of IT and security decision makers acknowledged that their organizations are spending more on artificial intelligence and machine learning than they were a year ago. And even more  — 85 percent — are interested in applying AI to their IT and security operations next year. 

However, a large majority — 72 percent — also admitted to being concerned about the potential negative impact of generative AI on their organization, due to its ability to write very convincing phishing emails. 

Many organizations feel the pressure to get on top of this issue as fast as possible. A recent Cisco report found that 61 percent of respondents think they have at most one year to implement an AI strategy before their organizations begins to feel significant negative business impacts. And almost all of them (97 percent) report that the urgency to deploy AI-powered technologies has increased in their company in the last six months.

Yet, the same survey found that 23 percent of companies have limited to no scalability when it comes to meeting new AI challenges within their current IT infrastructure. And just 14 percent feel they are “fully prepared” to deploy artificial intelligence. 

The lightning speed of AI and generative AI’s availability to businesses and the world means that many organizations are dealing with this trend whether they are ready or not.

A report by Pluralsight highlighted the need for training initiatives. Despite 92 percent of participants in the report saying their organization has accelerated AI initiatives in the last 12 months, a large majority — 80 percent of executives and 72 percent of IT practitioners — agree that their organizations frequently invest in new technology without considering the training employees need to use it. Even though 81 percent of technologists said they are confident about integrating AI into their roles, just 12 percent have significant experience working with AI. And 94 percent of IT professionals say that AI initiatives will fail in the absence of skilled teams that understand how to effectively use and work with these tools. 

Many organizations see AI technologies as a positive addition to their cybersecurity toolbox, with over half or respondents in a report conducted by CyberRisk Alliance saying they believe cybersecurity outcomes enabled by AI tools will be more cost-effective than that of humans. Nearly two-thirds (64 percent) are highly likely to add an AI-centric technology or solution to improve their cybersecurity readiness within the next year.

Of course AI is a double-edged sword, and as much as it can help companies be more efficient and do more with their security, there is also a threat from the cybersecurity side, as the same tools that help organizations can also help the bad guys. 

In a recent article in Security Magazine on Top Cybersecurity Trends of 2023 Shawn Surber, senior director of technical account management at Tanium, said, “Unlike most risk factors, generative AI is becoming universal. AI is being rapidly built into all sorts of tools, and whenever development is rapid, it creates a potential for unexpected vulnerabilities. Additionally, with free and paid access to generative AI available to everyone, the risk of unintentional insider threat style data leaks grows exponentially. … Generative AI could potentially take the concept of malware as a service and script-kiddy activities to a whole new level as newcomers to the field utilize code generators to build their code.”

Whatever comes next, it’s clear that AI — and generative AI in particular — will have a significant to play and organizations need to get a handle on this technology, fast.