Security leaders estimate that, on average, cyber incidents cost their organization $3.7 million, with 46 percent suffering from an outage or disruption to their services as a consequence of attacks.
A new survey from Red Canary of 550 security leaders, from the US, UK, New Zealand, Australia, and the Nordic countries, finds that SOC teams continue to struggle with the challenges of securing cloud environments, identities, and AI technologies amid evolving threats.
Among the findings are that 80 percent of security leaders say they’re spending more than ever on security — yet breaches and threats keep growing. Security teams are struggling to keep up as the attack surface has widened by 41 percent in the past 12 months, while 73 percent of security leaders say the time from detecting an attack to resolution has increased.
Safeguarding identities is essential as 83 percent of security leaders say today’s attackers don’t break in — they log in, and they’re harder to stop than ever. Identity and access management isn’t enough.
The skills shortage continues too, 75 percent of organizations have skills shortages around intrusion detection and 72 percent around incident response.
“CISOs, like their peers in lines of business, know they need to augment their teams with AI and automation, but finding security products and services that deliver actual value is hard amidst all the hype and empty marketing,” says Brian Beyer, co-founder of Red Canary. “They need to go all in on expert-supervised AI agents that support security analysts in threat detection, investigation, and response, with the focus on proven solutions powered by LLMs trained on real-world data to deliver unmatched speed and accuracy — not just the latest shiny tool or a legacy vendor repackaging itself as AI.”
The study shows 78 percent of security leaders say the talk of AI releasing a tidal wave of novel attacks is fear mongering, but 43 percent have already experienced an incident relating to their own AI tools.
Top AI use cases in security operations today include detection analytics (65 percent), intrusion detection (59 percent), and SIEM management (54 percent). However, 75 percent of security leaders worry that while AI helps security teams work faster, it could ultimately reduce their ability to solve problems independently.
The full report is available from the Red Canary site.
Image credit: Valeriya Ignatenko/Dreamstime.com
