Censornet, a UK cybersecurity provider, has found that small and medium enterprises’ (SME’s) in the UK are facing the equivalent of 219,000 cyber security notifications a year. On average they only have two minutes to investigate each threat.
The State of AI in cybersecurity report’s survey of 200 UK Based IT and security leaders found that the number of incidents had actually dropped 17% since last year, but the number of people “losing sleep” over security concerns has doubled at the same time.
38% of survey responders said they fear that missing an alert that will allow a fatal threat to enter the business.
The drop in alerts is attributed by Censornet to companies embracing an AI-led, consolidated approach to security.
But while alert numbers are falling, there is concern that a lack of human resource in security teams (35% of SME’s have two or less people working on cybersecurity) means they are unable to respond to the high number of alerts being generated.
Censornet believe this is partly driven by the number of siloed security products employed by SME’s, increasing the overall number of alerts, and spreading teams risk attention too thin.
However, the research found that SME’s were looking at consolidating the security products they use, with the number of SME’s using 41 or more products falling from 15% to 8% in the space of a year.
Generative AI is increasing the complexity and volume of threats, and SME’s are fighting fire with fire by employing the technology in their defences as well.
Three in ten SME’s said in the survey that their main priority is to deploy AI and machine learning to autonomously respond to security events and prevent attacks.
Furthermore, organisations are increasingly placing their trust in AI to streamline security operations and save costs. 76% of SMEs said they were investing in automated alert and data-sharing technology to prevent and respond to cyber-attacks in real-time.
“The democratisation of AI is a game-changer in the world of cyberattacks - generative AI is helping hackers create highly persuasive content for phishing, or business email compromise (BEC) attacks. It’s also much easier for cyber criminals to create convincing deepfakes in manipulated videos and images,” explained Ed Macnair, CEO of Censornet.
“Traditional cybersecurity systems may struggle to fight the increased volume, scale and precision of AI-generated threats. So, SMEs are investing in AI-powered solutions to sift through, prioritise and respond to alerts to alleviate the workloads of stretched teams and budgets,” Macnair continued.
However, whilst AI- powered tools are a core part of the solution, Macnair says that the human element cannot be ignored.
“Training, education and embedding a culture of security awareness throughout an organisation are equally as important as any AI-led platform in protecting against the new threat landscape,” he concluded.