Just 13% of UK organizations are resilient to cyber-attacks, with the remainder either vulnerable or at high risk of damaging cyber-incidents, according to a new report by Microsoft in collaboration with the University of London.
The tech giant said the lack of secure foundations harms the UK's ambition of becoming an 'AI superpower'.
The report defined resilient organizations as those that have implemented security-by-design across their networks.
They must be adopting AI security tools to enable them to detect and respond faster to threats.
Of the 48% of organizations categorized as 'Vulnerable,' the researchers said that while defensive systems and processes are in place, additional investment and support is required to build resilience.
Organizations considered 'High Risk' are those that have limited focus on cybersecurity, and mostly fail to use AI in their business at all.
The research also found that cyber-attacks could be costing UK organizations £87bn every year, and estimated that stronger cybersecurity could save the UK economy £52bn annually.
The majority of decision-makers and senior security professionals surveyed expressed concern that current geopolitical tensions will increase cyber risks to their organization.
Nearly three-quarters of senior security professionals said they feared the risks posed by AI to their organization, with this sentiment expressed by 49% of decision-makers.
Despite this concern, only 55% of organizations are prepared for cyber threats and just 43% have designated resources for cybersecurity-related events.
Less than half of these leaders claimed to understand the cybersecurity skills their workforce requires, and only 56% have offered cyber-awareness training to staff.
Almost a third of UK decision-makers admitted they do not know what cost a successful cyber-attack would have to their organization, while 53% do not know how long it takes to recover from one.
The report estimated that businesses that incorporate AI into their security strategy might lower financial losses after a successful attack by 20%. The average cost of incidents for organizations using AI in security was £16,600 which compares to £20,700 for those not using these tools.
The researchers calculated that organizations using AI in cyber defense could withstand an average of 254 successful attacks before the equivalent of their annual revenue is wiped out.
This falls to just 106 attacks for organizations not deploying AI in this manner.
Just 21% of organizations currently deploy AI in the detection of cyber vulnerabilities, and only 27% are using it specifically to strengthen their cyber defenses.
The report emphasized that AI offers UK organization an opportunity to tip the scales in their favor against cybercriminals.
On March 13, 2024, Microsoft announced that its Copilot for Security product will be generally available worldwide from April 1 following a the conclusion of its early access program for select customers.
The large language model is designed to assist security teams in a variety of functions, including classifying and responding to incidents, report writing for investigations, and analyzing the organization's internal and external attack surface.
Speaking on a Microsoft security briefing call on March 12, Andrew Conway, Vice President Security Marketing at Microsoft, said Conway revealed that the tech giant is currently in the process of embedding Copilot for security across the entire Microsoft security portfolio.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 18 Mar 2024 12:40:07 +0000