A report by Microsoft and Goldsmiths, University of London found that only 13% of UK businesses are protected against cyberattacks, with 48% considered vulnerable and the remaining 39% at high risk.
The survey of 1,039 senior business decision-makers and 1,051 employees revealed that most UK organizations lack adequate cybersecurity tools or processes. Microsoft warns that 87% of organizations face security threats when bad actors leverage artificial intelligence to launch more sophisticated attacks (Figure A).
Figure A
Research highlights from Microsoft and Goldsmiths
|
The UK lives up to its title of “AI superpower”
The report, titled “Mission Critical: Unlocking UK AI Opportunities through Cybersecurity,” said cyberattacks currently cost the UK an estimated £87 billion ($111 billion) per year.
The report’s authors believe that UK businesses’ lack of resilience to cyberattacks is incompatible with the country’s ambitions to become a global leader in artificial intelligence, with the Bletchley Declaration signed in November 2023 and the National Artificial Intelligence Agreement signed in 2021 Strategy” is the hallmark of this ambitious 10-point strategy. An annual program designed to advance the use of artificial intelligence in business and attract international investment.
See: Cyber Alliance: UK NCSC calls on industry experts to join the fight against cyber threats
Microsoft UK CEO: UK organizations must be prepared to retaliate in kind
In the study, 52% of security decision-makers and 60% of senior security professionals expressed concern that current geopolitical tensions could exacerbate their organization’s cybersecurity risks.
As a result, more than half (55%) see insufficient protection as a potential threat to the UK’s economic expansion, while around two-thirds (69%) admit that better cyber security defenses are needed to enable the UK to become a global AI Leader’s ambition.
Meanwhile, Microsoft recently committed to spending £2.5 billion ($3.2 billion) to expand its AI capabilities in the UK as part of a plan to boost the country’s AI industry.
In a foreword to the new report, Microsoft UK CEO Claire Barclay said the UK can only meet its AI aspirations if businesses invest in cybersecurity processes and upgrade their security toolkits to deal with bad actors.
“Just as businesses and governments are keen to exploit the potential of artificial intelligence, so are the bad actors. Traditional add-on security solutions are no longer able to keep up with the threats posed by cybercriminals, which means UK organizations must be prepared to respond in kind.” Barclay said.
“Unless we arm ourselves with AI cyber defenses that are more powerful than AI cyber threats, it will be difficult, if not impossible, for us to grow and ultimately prosper as a nation.”
SEE: Generative AI defined: How it works, benefits and dangers
How artificial intelligence improves cybersecurity capabilities
Paul Kelly, director of Microsoft’s UK security business group, said in the report that the right artificial intelligence technology can improve an enterprise’s ability to detect and mitigate cybersecurity threats by automatically identifying complex patterns and anomalies that human analysts may miss.
“Cybersecurity AI uses artificial intelligence to analyze and correlate cyber threat data from multiple sources, turning it into clear and actionable insights. Security professionals can then leverage these insights for further investigation, response, and reporting.” Kelly said.
“AI can also automatically respond and quarantine affected assets if a cyberattack meets certain criteria defined by an organization’s security team. Generative AI goes a step further, generating raw natural language text, images, and other content based on patterns in existing data. content.”
The potential economic benefits of AI-enhanced cybersecurity for UK businesses
The report highlights the potential benefits of AI-enhanced cybersecurity.
A typical cyberattack costs businesses of all sizes £20,700 ($26,300), with larger organizations facing an average cost of £148,700 ($189,800). However, companies that implemented AI-driven cybersecurity tools saw this expense reduced to £16,600 ($21,200), marking a 20% cost reduction. The report attributes this to the ability of AI security tools to identify and respond to cyber threats more quickly.
Six dimensions of effective AI defense
Understanding current cybersecurity capabilities is critical for businesses looking to improve their defenses against AI threats.
Researchers at Goldsmiths have developed an assessment model based on six key areas to assess UK organizations’ cyber security strategies (Picture B):
- resource.
- Agility, AI and automation.
- R&D and innovation.
- Transparency and technical knowledge.
- Organizational buy-in.
- Trust and mindset.
Picture B
The model is designed to be consistent with standards used in international benchmarks for establishing strong cybersecurity measures. Based on the model, the report found that only a small proportion of UK organizations can be considered resilient to the evolving threats posed by AI.
Cyber awareness needs to spread throughout the organization
The report also highlights gaps in cybersecurity awareness among UK policymakers.
Specifically, 27% are unaware of the costs associated with a successful cyberattack and 53% are unsure of the recovery time from such an incident. This contrasts with higher levels of understanding among security professionals and demonstrates the importance of spreading cybersecurity awareness throughout the organization.
Likewise, the study highlights a significant divergence of opinion on the risks posed by IoT devices: 38% of senior security professionals said they were concerned about IoT, compared with 12% of policymakers. This shows that improving knowledge about cybersecurity risks and mitigation strategies is critical for organizations, the report said.
A five-step blueprint for using artificial intelligence to improve cybersecurity
The report provides government and business leaders with a blueprint for building resilient cyber defenses and effectively using artificial intelligence. Here are five key steps to guide the development of strong protection measures using artificial intelligence technology:
- Supporting widespread adoption of AI in cybersecurity: Encourage rapid adoption of AI defense and innovative cyber strategies.
- Investment objectives: Guide organizations to make targeted investments in AI solutions, whether custom or off-the-shelf.
- Cultivate talents: Leverage skills programmes, on-the-job training and partnerships to improve UK cyber security skills.
- Promote research and knowledge sharing: Invest in R&D partnerships and facilitate the sharing of cyberattack insights to better prepare.
- Enable simple, secure adoption: Work with leaders across industries to provide clear, standards-aligned guidance for AI deployment.
See: Royal Academy of Engineering finds major diversity challenges in UK deep tech
Dr Chris Brauer, director of innovation at Goldsmiths, said in a press release accompanying the report: “The UK has huge potential to lead the world in the application of artificial intelligence, and this is an unprecedented opportunity to strengthen our economy and transform our public services. But This future must be built on security.”
He added: “To become an AI superpower, the UK must maintain its status as a cybersecurity superpower. With many organizations vulnerable to cybercrime, our research reveals the urgency of the problem and what leaders can do Effective action to improve the nation’s cyber resilience.”
#businesses #unprepared #cyberattacks
Discover more from Yawvirals Gurus' Zone
Subscribe to get the latest posts sent to your email.