Growing cyber threats and a shortage of cyber talent is pushing firms to embrace artificial intelligence to help spot malicious activity, according to a survey from Code42, a data leak prevention (DLP) firm.
An overwhelming 83% of cybersecurity managers said they use artificial intelligence tools, while 92% said they leverage Generative AI tools to automate detection and response so they can focus on other tasks, according to Code42’s Annual Data Exposure Report for Life Sciences, which was released July 16th.
The findings could be an early indicator of the disruptive effect of AI on an industry that has long struggled with worker shortages. However, AI is not a direct replacement for talent and poses significant security challenges if robust policies aren’t implemented to address the risks that accompany its use, Code42 found.
The survey, conducted by independent market research firm Vanson Bourne polled 700 respondents including 300 who identified themselves as cybersecurity practitioners, 200 cybersecurity managers, and 200 cybersecurity leaders. Respondents represented public and private sector organizations headquartered in the USA including representatives from the automotive, aerospace, manufacturing, energy, oil/gas, pharmaceutical, technology, and life sciences/biotechnology sectors.
Cybersecurity worker shortages have persisted for decades. The World Economic Forum puts the shortage of cybersecurity professionals at 4 million workers globally, while ISACA’s most recent State of Cybersecurity report found that 71% of survey respondents had unfilled cybersecurity positions. The cybersecurity worker shortage is “here to stay,” ISACA concluded.
That persistent shortage is taking a toll. The Code42 survey data revealed that 79% of cybersecurity leaders have reported a skilled worker shortage, affecting security measures against insider threats and could be a catalyst for continued data loss.
IP Theft Drives Life Sciences to Embrace AI
The gaps in staffing are felt particularly hard in the life sciences sector, where Code42 found that 73% of Life Sciences organizations are benefitting from AI technology as they look to prevent the theft of valuable research and other Intellectual Property.
The risk of IP theft in life sciences sectors like pharmaceuticals is particularly high, with the cost to develop and bring a new drug to market estimated to be north of $1 billion, and numerous incident of insider attacks involving employees making off with sensitive research data. For example, Pfizer recently filed a lawsuit against a long-term employee who stole confidential data as she decided to join a competitor, uploading more than 1200 proprietary files, including information related to the COVID-19 vaccine, to her personal account and devices from her company-issued laptop. In another event of trade secret theft within the biopharma sector, former employees were found guilty of stealing proprietary information that would benefit the competitors.
That is spurring security teams in the Life Sciences sectors to lean into AI. More than three quarters (78%) of companies in the Life Sciences sector experienced an increase in time spent investigating data incidents year over year. That spurred adoption of new AI tools – surpassing industries including aerospace and oil and gasin a mission to continue innovating in the face of talent-shortage headwinds, the Code42 report found.
AI: A Double Edged Sword In Protecting IP
However, while generative AI offers benefits for resource- and staff-constrained firms, it also introduces a range of new risks that must be addressed, the report found. Among those: leaks of proprietary information and sensitive IP.
Eighty four percent of the cyber pros at Life Sciences companies surveyed believe their sensitive data is increasingly vulnerable to new AI technologies, especially generative AI, while 86% of all surveyed cybersecurity leaders said that the usage of AI tools puts their company at risk of data exfiltration.
Despite that, the benefits of AI outweigh the risks, according to Code42.
“Given all the risks that come with GenAI, it might seem easiest to just ban employees from using it — but that’s not an option for innovative life sciences companies. So first, start with education. Once you’ve defined the acceptable use cases for GenAI, teaching employees and contractors about how they can use it wisely goes a long way in protecting corporate IP, ‘’ said Joe Payne, Code42’s CEO.
Best Practices to Protect Against Insider Threats
Managing increasing risks of data- and IP theft means that organizations need to abandon hopes for a “silver bullet” and adopt a more holistic approach to risk management, Code42 said. That includes adopting technologies and solutions beyond mere detection and reactive processes, enabling firms to detect, prioritize, and respond to incidents while minimizing insider-driven risk.
Other recommendations include emphasizing visibility to safeguard the data and thinking beyond compliance and GRC to zero in on risky behavior that may lead to leaks of sensitive information. Security professionals leveraging the right tools and integrating comprehensive security programs foster a proactive culture throughout the organization to address the risk of growing threats, Code42 said.
You can read the entire Code42 report
Thanks Nice and Informative Blog.
computer and network security
Thanks! Nice and informative blog.
User activity monitoring