Artificial intelligence (AI) is rapidly transforming the world cybersecurity landscape, offering innovative solutions to complex challenges. However, this innovation raises crucial questions:
- How should we approach AI governance to ensure responsible use and minimize harm?
- Does AI make the balance between innovation and privacy impossible?
At Swimlane, we are committed to promoting cutting-edge, forward-thinking innovation that is both secure and impactful for your organization. We combine this with transparency to help organizations stand out and make informed decisions.
We recently partnered with Sapio Search to interview 500 cybersecurity leaders in the US and UK to explore the ongoing debate around AI governance. The findings reveal differences of opinion on who should be responsible for AI oversight, highlighting key perspectives on government and vendor accountability.
While our research provides valuable insights, there is something particularly powerful about the unfiltered perspectives of past and present chief information security officers (CISOs). During a recent webinar, AI Reality Check: CISOs Unveil Their Role in CybersecurityCEO of TAG Cyber and former CISO of AT&T Ed Amoroso joined Swimlane’s CISO Michael Lyborg for an in-depth discussion on research findings and the state of AI in cybersecurity.
This blog is the first in a three-part series summarizing both the research data and expert perspectives shared during the webinar. Continue reading to explore the key findings and download the full report for a more in-depth analysis: Does AI deliver on its cybersecurity promises?
Key findings from AI research
The paradox of policies and practices
While 70% of organizations have protocols in place for sharing data with public large language models (LLMs), 74% are aware that employees enter sensitive data into these models. This indicates a gap between policy and practice.
The AI Hype Cycle: Fatigue and Adoption
Amid growing AI fatigue and skepticism, the demand for AI and machine learning (ML) expertise continues to shape staff priorities.
- 76% of those questioned think that the current AI the market is saturated with hype
- 55% of those surveyed expressed fatigue due to constant concentration on AI
However, in counterpoint, 85% of respondents agree that AI and ML experience influences their hiring decisions. This suggests that despite the hype, AI skills are increasingly valued in the job market.
Is AI just overrated or is it actually an engine for growth? While the issue remains under debate, our recent webinar revealed the perspectives of current and former CISOs and delved deeper into this topic.
In AI Reality Check: CISOs Unveil Their Role in CybersecurityMike Lyborg, CISO of Swimlane, and Ed Amoroso, CEO of Tag Cyber, agreed that AI is providing tangible solutions today. However, they pointed out that vendors who oversaturate their messages with AI, without demonstrating real-world use cases, are only contributing to the noise, making it harder for security managers and buyers.
If you’re having trouble navigating the overwhelming jargon of the AI industry, this blog about 8 essential questions to ask AI security vendors will help you cut through the noise and make more informed decisions.
The AI governance debate
Our research report also explores the key question of AI governance, highlighting a divided perspective:
- Limited role of government: Only 28% of respondents believe the government should have primary responsibility for AI governance.
- Supplier Responsibility: Nearly half (46%) believe that companies developing AI should bear the brunt of the consequences when AI systems cause harm.
To make sense of this divided landscape, we asked our CISO experts for their concrete perspectives. Here’s a recap of what they had to say.
- Organic governance: Both Amoroso and Lyborg emphasize the need for organic AI governance that evolves alongside the technology itself. They warn of heavy-handed government intervention.
- Individual responsibility: While recognizing the role of vendors and organizations, CISOs emphasized the importance of individual responsibility in using AI tools ethically and responsibly.
Tips and Takeaways for CISOs in the Age of AI
Research data and real-world expert perspectives highlight the need for a balanced approach to AI in cybersecurity. Although AI offers immense potential for innovation, organizations must proactively manage privacy risks. This implies:
- Clear policies and training: It is essential to establish and enforce clear policies regarding the use of AI, coupled with comprehensive employee training.
- Focus on value: It is crucial to put an end to the hype around AI and focus on solutions that add real value.
- Collaborative governance: A collaborative approach to governance, involving government agencies, providers and individual users, is necessary to navigate the complex AI landscape and ensure its responsible and ethical use.
AI is not a panacea for everyone cybersecurity challenges. However, with thoughtful governance and a focus on balancing innovation and privacy, it can be a powerful tool for improving security postures. Remember, the key is to harness the power of AI while mitigating its risks, ensuring that innovation doesn’t happen at the same time. cost of confidentiality.
TAG Cyber Tech Report: Using AI for SecOps Automation
The analyst report begins with a brief overview of the SOAR market and the story of how Swimlane evolved from a SOAR platform to an AI-enhanced security automation platform. To better understand Swimlane’s use of AI, read the full report.