Security demands attention in AI, 5G era; but cost still a concern for CIOs

IoE for enterprisesAs the adoption of 5G and artificial intelligence (AI) pick up among enterprises, more than 80 percent of cybersecurity and risk leaders in a new global survey say the technologies could make enterprises more vulnerable to security attacks.

The survey conducted by Information Risk Management (IRM), a UK-based cybersecurity company of Altran, reveals that developments in 5G wireless technology will create cybersecurity challenges for majority of enterprises.

The top three 5G-related concerns are greater risk of attacks on Internet of Things (IoT) networks, a wider attack surface and a lack of security by design in 5G hardware and firmware.

Eighty-three percent of survey respondents said 5G developments will create cybersecurity challenges for their organizations, suggesting that the new technology will bring heightened risks.

Further, the vulnerabilities in 5G appear to go beyond wireless, introducing risks around virtualized and cloud native infrastructure.

With cybersecurity emerging as a priority in the evolving digital era, 86 percent of respondents expect AI to have an impact on their cybersecurity strategy over the next five years, as AI systems are integrated into core enterprise security functions.

The survey has identified the top three AI applications that respondents would consider implementing as part of their cybersecurity strategy. They are network intrusion detection and prevention, fraud detection and secure user authentication.

“AI in cybersecurity is a double-edged sword,” the report said. “It can provide many companies with the tools to detect fraudulent activity on bank accounts, for example, but it is inevitably a tool being used by cybercriminals to carry out even more sophisticated attacks.”

Surprisingly, though majority (91 percent) of respondents said the increased cybersecurity awareness at the C-level has translated into their decision-making, most cybersecurity decisions are still based on cost – and not on the safest solutions to put in place, indicating a lack of understanding of the financial and reputational impact of cyber attacks.

The survey found that 30 percent of respondents are unaware of the Networks & Information Systems Directive (NIS) Directive/Regulations, and of the 70 percent who are aware of the legislation, over a third have failed to implement the necessary changes.