/dqc/media/media_files/2025/01/31/xEf15dZ45y8xobHm43n3.png)
Sophos Releases Report on AI in Cybersecurity and Emerging Threats
Sophos has released a new report, "Beyond the Hype: The Business Reality of AI for Cybersecurity," based on a survey of 400 IT leaders assessing AI adoption in security. The findings indicate that while 65% of organisations have implemented generative AI (GenAI) capabilities, 89% of IT leaders express concerns about potential flaws in GenAI cybersecurity tools that could introduce security risks.
Additionally, Sophos X-Ops published new research, "Cybercriminals Still Not Fully on Board the AI Train (Yet)," analysing AI adoption among cybercriminals. Investigations into underground forums reveal a gradual shift in how attackers use AI. While scepticism about GenAI persists, some cybercriminals are leveraging it for automating repetitive tasks, generating bulk emails, and analysing data, while others integrate it into spam and social engineering toolkits.
“As with many other things in life, the mantra should be ‘trust but verify’ regarding generative AI tools. We have not actually taught the machines to think; we have simply provided them the context to speed up the processing of large quantities of data,” said Chester Wisniewski, director, global field CTO, Sophos. “The potential of these tools to accelerate security workloads is amazing, but it still requires the context and comprehension of their human overseers for this benefit to be realized.”
AI in Cybersecurity: Adoption, Concerns, and Organizational Priorities
A survey conducted by Sophos found that 98% of organisations have integrated AI into their cybersecurity infrastructure. However, IT leaders are increasingly concerned about over-reliance on AI, with 87% expressing concerns about a potential decline in cybersecurity accountability.
GenAI Adoption and Workforce Implications
Organisations of different sizes prioritise GenAI differently. Large enterprises (1,000+ employees) focus on enhancing protection, while smaller businesses (50–99 employees) view reducing burnout as the primary benefit. Despite these advantages, 84% of IT leaders across all company sizes worry about pressure to reduce cybersecurity staff due to unrealistic expectations about AI’s ability to replace human expertise.
Key Findings from the "Beyond the Hype" Report
- Challenges in Cost Evaluation: 75% of IT leaders find it difficult to quantify the costs of GenAI in cybersecurity products.
- Cost vs. Savings Expectations: While 80% believe GenAI will increase cybersecurity tool costs, 87% expect overall savings to offset these expenses.
The findings highlight the growing role of AI in cybersecurity while emphasising concerns about cost, accountability, and the balance between automation and human oversight.
Read More: