Global Companies Adopt AI to Enhance Cybersecurity While Facing Emerging Threats

In a groundbreaking research report released by Trend Micro, a leader in AI-driven cybersecurity solutions, the organization highlights a significant shift in how businesses are leveraging artificial intelligence (AI) to strengthen their defenses against cyber threats. However, this embracing of AI is not without its concerns, as businesses voice increasing apprehension over how AI may expand their cyber risk exposure.

According to the data gathered through interviews with 2,250 IT and cybersecurity professionals across various industries in 21 countries, it was found that 81% of global companies are already utilizing AI-powered tools to bolster their cybersecurity protocols. An additional 16% are actively looking into implementation options, showcasing the growing trend of AI integration into cybersecurity strategies. This trend of adopting AI comes with a strong recognition of its benefits, with 97% of respondents expressing openness to using AI in various capacities within their organizations.

Key areas that organizations are relying on AI for include automated asset discovery, risk prioritization, and anomaly detection. In fact, 42% of the surveyed entities are prioritizing AI and automation as essential for improving their cybersecurity measures over the next year. Rachel Jin, Chief Enterprise Platform Officer at Trend Micro, emphasizes that while AI offers great potential for cyber defense—like identifying anomalies quickly and automating repetitive tasks—attackers are also keenly aware of its capabilities and are eager to exploit them.

With this optimism about AI's role in cyber defense, there exists a contrasting worry. A staggering 94% of surveyed businesses believe that AI will negatively affect their cyber risk exposure within the next three to five years. More than half of those surveyed foresee that the scale and complexity of AI-based cyber attacks will rise, prompting them to rethink their existing cybersecurity strategies. Among the concerns listed are: the increased risk of sensitive data exposure, uncertainty regarding the data processing and storage practices of AI systems, and the potential for proprietary information to be compromised by untrusted AI models.

Additionally, businesses are expressing concerns over escalating compliance challenges and monitoring issues that arise from the proliferation of new endpoints, APIs, and shadow IT environments.

An eye-opening example of these risks was displayed during Trend's recent Pwn2Own event held in Berlin, which for the first time included an AI category. The event's findings shed light on the current state of AI security, revealing that out of twelve entries aimed at four significant AI frameworks, multiple successful exploits were recorded. One notable case involved the NVIDIA Triton Inference Server, along with successful compromises of Chroma, Redis, and the NVIDIA Container Toolkit, where attackers leveraged a single vulnerability for a complete compromise. Ultimately, this led to the identification of seven zero-day vulnerabilities within these frameworks, giving vendors a 90-day window to address the flaws before further details are disclosed.

As organizations increasingly weave AI into their IT infrastructures, Trend Micro urges security leaders to adopt a proactive stance in evaluating the evolving risk landscape. The integration of robust security practices throughout the AI adoption process is paramount, as the stakes could not be higher. The key takeaway is clear: while the integration of AI offers monumental opportunities for organizational cybersecurity health, it also requires a deep understanding and risk mitigation strategies to safeguard against emerging threats that could undermine these very advancements.

Trend Micro’s research underscores the imperative of embedding security in the development lifecycle of AI technologies. As AI continues to advance and become an integral component of organizational strategies, understanding and navigating the complexities of this rapidly evolving landscape will be crucial for many enterprises as they work to secure their digital ecosystems effectively.