New research by Hornetsecurity highlights the AI cybersecurity gap affecting UK businesses. Although nearly half (45%) of companies have fallen victim to cyberattacks, 26% are still not using AI to enhance their cybersecurity defences.
The survey, which gathered responses from over 500 C-suite professionals across the UK, reveals that cyber threats are an escalating concern. 85% of respondents acknowledge the increased sophistication of these attacks, largely attributed to AI facilitating the process of threat creation.
Commenting on the findings, Hornetsecurity CEO, Daniel Hofmann, said: “The results show how prevalent cyber crime is – and while 74% of businesses integrate AI into their defences with the goal of blocking threats, there’s a concerning quarter who have yet to use this technology. Businesses must recognise the potential of AI in tackling cyber threats and integrate it in their security strategies to stay ahead of increasingly sophisticated attacks.”
The double-edged sword of AI
The dual nature of AI in cybersecurity continues to trouble professionals across the full range of sectors: an equal 40% of respondents see AI as a mitigator and an exacerbator of cyber threats. Regarding personal experience, the direct split was again repeated: 45% of business leaders found AI helped, and a further 45% reported AI had worsened the threat landscape.
This comes as threat actors increasingly use AI to automate, sophisticate (and sometimes translate) malicious attacks globally. The UK’s National Cyber Security Centre (NCSC) found that AI is lowering the barrier of entry to novice cybercriminals.
Phishing attacks and deep fakes
There’s a clear concern about AI-enhanced phishing attacks, with 58% identifying it as their top worry. Deepfake technology also emerges as a significant concern, with 39% of businesses worried about its potential – and growing – use in cyberattacks.
Despite the challenges, AI plays a crucial role in bolstering cybersecurity efforts. More than half of businesses (52%) use AI to improve threat detection, and 19% implement it for cybersecurity training. However, over a quarter (26%) of companies have yet to adopt AI in their cybersecurity strategies, highlighting a gap in using advanced technology to detect and combat threats.
Investment in AI and the looming threat of zero-day attacks
There is a marked split in prioritising investment in AI for cybersecurity, with 42% placing it at the top of their agenda, contrasted by 29% considering it a lower priority or not a priority at all. This divide underscores the varying levels of awareness and readiness among businesses to integrate AI into their cybersecurity frameworks.
Alarmingly, only 19% of businesses feel well prepared for a zero-day attack, with a mere 8% rating themselves as fully ready. There is a disparity in preparedness across industries. The IT and Communication sector displays the highest confidence level, with 38% rating their readiness as 9 or 10. This is followed by the education, banking and financial services sectors.
Meanwhile, the sectors of government and defence, sport and recreation, and several others report a startling lack of confidence in their preparedness, highlighting a critical area for improvement. Over 1 in 10 businesses are not ready for a zero-day attack, a total of 11%.
The future of AI in cybersecurity
Looking ahead, 74% of respondents believe that the role of AI in cybersecurity will only grow in importance over the next five years. This response indicates a future where AI’s integration into corporate cybersecurity strategies is not just an option but a necessity.
Hofmann adds: “For businesses, the message is clear: embracing AI in cybersecurity is essential. Companies should not just invest in new technologies but strengthen all technical and human defences against an ever-evolving – and frightening – threat landscape.”
