The security practices of Chief Information Security Officers (CISOs) and Chief Security Officers (CSOs) were analyzed in a recent report by Splunk Inc. According to the report, 86% of surveyed CISOs believe generative artificial intelligence (AI) will alleviate skills gaps and talent shortages on the security team. Thirty-five percent report using generative AI for positive security applications and an additional 61% will likely use it within the next 12 months.

Ninety percent of respondents reported their organization experienced at least one disruptive cyberattack last year. Numerous industries experienced ransomware attacks that significantly impacted their systems and business operations, including financial services (59%), retail (59%) and healthcare (52%). Eighty-three percent of organizations paid the attackers in the wake of a ransomware attack, and more than half paid at least $100,000. The retail industry is the most likely to pay the ransom, with 95% of respondents reporting they either paid directly, through cyber insurance or a third party.

The majority of CISOs (70%) surveyed believe generative AI could give cyber adversaries more opportunities to commit attacks, yet 35% are already experimenting with it for cyber defense including malware analysis, workflow automation and risk scoring. CISOs in healthcare (88%), manufacturing (76%) and financial services (72%) express the most fear that generative AI would give either a strong or slight advantage to cyber adversaries. Fifty-one percent of CISOs in financial services say they planned to implement specific cybersecurity controls to mitigate AI security risks. Ninety-three percent of CISOs have extensively or moderately implemented automation into their processes.

CISOs responded that tool sprawl is a major concern, likely compounding existing visibility issues. The vast majority (88%) say they see a need to rein in security analysis and operations tools with solutions like security orchestration, automation and response (SOAR), security information and event management (SIEM) and threat intelligence. CISOs are looking to decrease the number of tools they use and simplify processes with automation.

Read the full report here.