Cyber security professionals in the UK are expressing growing concerns about the impact of artificial intelligence (AI) on the industry. According to the Chartered Institute of Information Security (CIISec), a majority of professionals believe that threat actors will benefit more from AI than defenders. The State of the security profession report revealed that 89% of respondents thought AI would benefit attackers, compared to 84% who believed it would benefit the cyber security industry directly.
Moreover, the study highlighted a lack of planning for AI among UK businesses, with 44% of cyber professionals stating that their organizations were unaware of the risks posed by AI and lacked sufficient policies to ensure safe usage. Despite this, 85% of respondents were considering the use of AI themselves. AI and machine learning are expected to be the most influential technologies in the security sector by 2025, with 51% of professionals in agreement.
Amanda Finch, CEO of CIISec, emphasized the need for building knowledge around the threats posed by AI, particularly generative AI. She stressed the importance of educating those entering the industry and those looking to start a career in cybersecurity to defend against AI attacks effectively. Finch highlighted the role of security practices in educating the wider business about risk and safety to combat cyber threats effectively.
In addition to AI concerns, CIISec’s annual report delved into broader security industry trends. While sector wages have seen significant growth, reaching over £87,000, professionals are facing budget constraints and unsustainable defense capabilities against cyber incidents. Many professionals reported feeling overworked and experiencing sleep issues due to job pressures. The report also addressed the lack of diversity in the security sector, which is contributing to a widening skills gap.
CIISec emphasized the need to address diversity failings and improve recruitment and retention practices to bridge the skills gap effectively. The sector’s exclusive nature, coupled with retention challenges and a lack of diversity, poses operational challenges in tackling advanced cyber threats. By diversifying recruitment practices, focusing on skills-based hiring, and addressing issues like stress and career progression, the industry can attract and retain talent to make the cybersecurity landscape more robust.
As the cyber security industry continues to evolve amidst technological advancements like AI, addressing these challenges will be crucial in safeguarding organizations against cyber threats in the future. By prioritizing education, diversity, and talent retention, the industry can strengthen its defenses and adapt to the changing threat landscape effectively.