According to Ivanti research, one in four UK companies lack a documented strategy to combat generative AI ( GenAI ) threats. Let that fall in for a minute. Would we accept the same casual view to, say, workplace health and safety? Possibly not. Yet we are witnessing a technological revolution as it unfolds, while some organizations adopt a extremely silent stance in order to secure it.
The frequency of GenAI’s development has caught several security teams flat-footed. Despite the fact that 47 % of UK security professionals see GenAI as a net positive for security, and they are correct to believe it has potential, this optimism occasionally masks a disturbing lack of preparation.
Consider this startling fact check: Nearly half of UK IT and security professionals ( 49 % ) think GenAI will make phishing a bigger threat. And I’d say they’re right to be concerned. The issue is that their priority doesn’t translate into practicality. A third of businesses haven’t documented a plan to mitigate these risks. We are witnessing unprecedented corporate inertia combined with extraordinary technological advancement. It’s not wonderful.
SVP EMEA for Ivanti.
The data bin capture
The problem goes deeper than simply keeping rate with GenAI’s development. A remarkable 72 % of businesses report that their IT and security is distributed across multiple systems. These pieces of crucial surveillance could just as easily be kept in individual vaults. And 63 % claim that these depots deliberately slowed the time it takes to respond to safety.
Consider about that. Some security teams are also assembling threat data from various systems like a jigsaw puzzle in an age where AI-powered threats may develop and spread at machine speed. That’s not only inefficient — it’s downright dangerous.
The education dilemma
Most safety teams are aware that human mistake is still a significant risk. That’s why 57 % have turned to anti-phishing training as their first line of defense against sophisticated social-engineering attacks. It’s now the most widely used defense against AI-driven threats.
I’ll be the first to point out that anti-phishing training is essential, especially given how frequently well-intentioned employees unknowingly open up opportunities for exploitation by falling for extremely sophisticated phishing schemes.
But powerful employee training is far from enough. It means using today’s tools to fight today’s challenges. Putting more emphasis on best practices to fight AI challenges is similar to using a personal flotation device to keep safe while lounging in -infested waters. The personal buoyancy device: If you use it? Definitely. But it didn’t save you from the real risk.
The good news is that security experts are aware of the spaces left by conventional anti-phishing safeguards. Just 32 % believe this education is “very successful” against AI-powered social engineering attacks. But, and I risk sounding like a damaged record below, the concern and attention aren’t translating into actions.
Beyond standard mechanisms
GenAI’s capabilities expand, and they create new attack surfaces more quickly than standard security measures you. The conventional model of reactionary security measures and fragmented defenses just won’t work again, as I’ve argued. What does make it split? In essence, a systematic approach to coverage management that considers both widespread vulnerabilities and immediate threats.
What does this mean in practice? Security groups must completely reevaluate their strategy, which includes addressing crucial factors like:
Constant monitoring and assessment
Standard monthly security assessments are unable to keep up with threats being driven by AI. Organizations require real-time visibility across their entire strike surface, from conventional assets to new Artificial tools. Moving beyond scheduled risk scans to constant monitoring that can identify and respond to challenges as they develop is required.
Breaking down information warehouses
Those splintered IT and surveillance data businesses? They’re not just an inconvenience—they’re a responsibility. The need for integrated visibility is a necessary security requirement when dealing with complex AI-powered threats that you exploit gaps between systems because 63 % of organizations report slower security responses as a result of fragmented data.
Evolving beyond simple education
Consider — security awareness training is important, but it can’t be your only defense. We need more advanced detection and response capabilities to raise human attention. Combat fire with fire.
Data-driven safety responses
When facing AI-powered challenges, gut instinct and experience aren’t enough. To identify patterns and anomalies that indicate emerging threats, safety teams require thorough data presence. This entails removing the data silos that 72 % of organizations currently struggle with and putting in systems that can provide a single threat visibility.
What awaits you?
GenAI is constantly changing the risk landscape rather than just another trend to watch for technology. While 47 % of security experts view GenAI favorably, this enthusiasm may be matched with concrete actions.
Companies can’t afford to take a wait-and-see strategy to GenAI safety. The humankind’s fast development, combined with existing challenges like data silos and training limitations, necessitates an intentional, complete, layered and proactive approach.
Those who put together comprehensive security plans are now already in the dark, and perhaps a little behind inaction is excessively difficult to catch up with because GenAI continues to evolve and become more sophisticated by the day.
The period for documented strategies, consolidated security visibility and increased threat detection isn’t coming — it’s ok. It’s time to stop worrying about whether your business will need to conform to security problems brought on by AI, and instead focus on how quickly and effectively you can do it.
A final appeal: don’t procrastinate until after you face a serious violation. In this case, “wait and see” corresponds to “wait and pay the price”.
We’ve compiled a list of the best firewall program.
This article was created as part of TechRadarPro’s Expert Insights stream, where we highlight the top and brightest minds working nowadays in the technology sector. The author’s opinions expressed these are those of the author, and they do not necessarily mean anything to TechRadarPro or Potential corporation. If you are interested in contributing find out more here: https ://www.techradar.com/news/submit-your-story-to-techradar-pro