Skip to Content

AI and Gen AI are set to transform cybersecurity for most organisations

While Gen AI heightens vulnerabilities, more than half of organisations also anticipate faster threat detection and increased accuracy through its use

19 Nov 2024

Paris, November 19, 2024 – The Capgemini Research Institute’s new report, New defences, new threats: What AI and Gen AI bring to cybersecurity”, published today, suggests that while new cybersecurity risks are emerging, due to the proliferation of AI and generative AI (Gen AI), these technologies represent a transformative shift in reinforcing cyber-defence strategies  for the long term to predict, detect, and respond to threats. Two thirds of organisations are now prioritising AI within their security operations.

According to the report, while AI is considered by organisations as a strategic technology to strengthen their security strategies, the increased adoption of Gen AI across various industries[1] brings heightened vulnerability. Gen AI introduces three major risk areas for organisations: more sophisticated attacks with more adversaries, the expansion of the cyber-attack surface, and a growth in vulnerabilities in the entire lifecycle of custom Gen AI solutions. These risks are also compounded by the misuse of AI and Gen AI by employees which can significantly increase the risk of data leakage.

Two in three organisations are wary of increased exposure to threats

Almost all organisations surveyed (97%) say they have encountered breaches or security issues related to the use of Gen AI in the past year. Gen AI also brings additional risks, including hallucinations, biased, harmful, or inappropriate content generation, and prompt injection attacks[2]. Two in three organisations (67%) are worried about data poisoning and the possible leakage of sensitive data through the training datasets used to train Gen AI models.

Moreover, Gen AI’s ability to generate highly realistic synthetic content is posing additional risks: more than two in five organisations surveyed (43%) said they have suffered financial losses arising from the use of deepfakes.

Nearly 6 in 10 believe they need to increase their cybersecurity budget to bolster their defences consequently.

AI and Gen AI are paramount for detecting and responding to attacks

Surveying 1,000 organisations[3] that have either considered AI for cybersecurity or are already using it, the report finds that most rely on AI to strengthen their data, application and cloud security due to the technology’s ability to rapidly analyze vast amounts of data, identify patterns and predict potential breaches.

More than 60% of them reported a reduction of at least 5%, in their time-to-detect, and nearly 40% said their remediation time fell by 5% or more after implementing AI in their security operations centres (SOCs).

Three in five organisations surveyed (61%) believe AI to be essential to effective threat response, enabling them to implement proactive security strategies against increasingly sophisticated threat actors. In addition, the same proportion of respondents foresee Gen AI strengthening proactive defence strategies in the long term, anticipating faster threat detection.Over half of them believe also that the technology will empower cybersecurity analysts to concentrate more on strategy for combating complex threats.

“The use of AI and Gen AI has so far proved to be a double-edged sword. While it introduces unprecedented risks, organisations are increasingly relying on AI for faster and more accurate detection of cyber incidents. AI and Gen AI provide security teams with powerful new tools to mitigate these incidents and transform their defence strategies. To ensure they represent a net advantage in the face of evolving threat sophistication, organisations must maintain and prioritise continuous monitoring of the security landscape, build the necessary data management infrastructure, frameworks and ethical guidelines for AI adoption, and establish robust employee training and awareness programs,” said Marco Pereira, Global Head Cybersecurity, Cloud Infrastructure Services, Capgemini.

Methodology

The Capgemini Research Institute surveyed 1,000 organisations that have either considered AI for cybersecurity or are already using it, across 12 sectors and 13 countries in Asia Pacific, Europe, and North America. They have annual revenues of $1 billion and over. The global survey took place in May 2024. Organisations surveyed represent a diverse range of sectors including automotive; consumer products; retail; banking; insurance; telecom; energy and utilities; aerospace and defence; high-tech; industrial equipment manufacturing; pharma and healthcare and public sector.

About Capgemini

Capgemini is a global business and technology transformation partner, helping organisations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fuelled by its market leading capabilities in AI, cloud and data, combined with its deep industry expertise and partner ecosystem. The Group reported 2023 global revenues of €22.5 billion.

Get the Future You Want |  www.capgemini.com

About the Capgemini Research Institute

The Capgemini Research Institute is Capgemini’s in-house think-tank on all things digital. The Institute publishes research on the impact of digital technologies on large traditional businesses. The team draws on the worldwide network of Capgemini experts and works closely with academic and technology partners. The Institute has dedicated research centres in India, Singapore, the United Kingdom and the United States. It was recently ranked #1 in the world for the quality of its research by independent analysts.

Visit us at https://www.capgemini.com/gb-en/researchinstitute/


[1] Nearly one-quarter (24%) of organisations have enabled Gen AI capabilities in some or most of their functions and locations – Capgemini Research Institute, “Harnessing the value of generative AI 2nd edition: Top use cases across sectors,” July 2024.

[2] Thisinvolves using malicious inputs to manipulate AI and Gen AI models, compromising their integrity.

[3] 1,000 organisations across 12 sectors and 13 countries in Asia Pacific, Europe, and North America, with annual revenues of $1 billion and over.