CISOs prioritise security as ai threats surge

AI’s rapid evolution forces CISOs to view security as a core operational strategy.

Bugcrowd’s latest ‘Inside the Mind of the CISO’ report reveals that 76% of CISOs believe the AI threat landscape is evolving too fast to secure, emphasising the need to prioritise cybersecurity. Nick McKenzie, CISO of Bugcrowd, discussed the challenges and strategies facing CISOs today.

“I actually see cybersecurity as a core facet of operational resilience. If we define operational resilience as a company’s ability to withstand recovery from an event, I see that as inclusive of a cybersecurity event as well,” McKenzie explained. He noted that while CISOs focus on securing applications or infrastructure upfront, CIOs often prioritise quick market entry. “Both are valid business objectives, but we do have a clash of prioritisation between the CISOs and the CIOs,” he added.

The use of AI has further complicated the cybersecurity landscape. “There’s a triality in the use of AI as it impacts CISOs and the broader threat landscape,” McKenzie stated. He outlined three areas: AI as a threat, AI as a tool, and AI as a target. “Some fear AI models could cause insidious harm. On the other side, AI can be a defensive tool, aiding internal security teams with fast tools that help strengthen their defences. But adversaries are also leveraging AI to automate and fuel attacks, increasing their velocity and sophistication,” McKenzie said. 

The adoption of AI in business processes also expands vulnerabilities. “With the business push of adoption of AI comes an expansion of external vulnerabilities in their attack surface,” McKenzie noted.

To handle AI-related security issues, CISOs and security teams are leveraging AI-driven solutions internally. “Gen AI helps with threat intelligence, making better and more informed decisions off the curation of large threat intelligence data sets,” McKenzie explained. AI is also enhancing identity and access management by providing insights that are not easily detectable by human analysis.

A key finding from Bugcrowd’s report, “Inside the Mind of a CISO,” based on responses from 200 security leaders globally, is that 31% of CISOs view security as a competitive advantage. “Security leaders said that having a strong security brand is paramount. Security today is more than just best practice or compliance; it’s a competitive advantage that businesses use. Consumers are becoming more aware of how security and trust factor into purchasing decisions,” McKenzie emphasised.