IT Leaders Worried About AI Threats and Their Companies' Readiness - Survey
IT leaders are concerned about the preparedness of their companies to face threats stemming from AI expansion, a new survey showed.
AI and API solutions company Kong surveyed 700 IT leaders and found that almost 75% of them are seriously concerned about AI-enhanced attacks. However, according to the report, while 55% of organizations experienced an API security incident in the past year, 85% say they’re confident in their organization’s capabilities in securing APIs.
"This confidence may be misplaced, given 77% acknowledge the potential for
significant security risks from AI and [large language model] integration into their API ecosystem," Kong noted.
Meanwhile, 40% of the respondents indicated that they’re unsure whether their API security investments are sufficient to protect their companies from AI-related risks, which are also ranked as the top security threat. Consequently, 92% of the survey participants said they were taking measures to counter these threats.
The second most feared threat comes from unauthorized access or breaches.
"AI can lower the barrier to entry for cyberattacks and provides another attack vector to potentially breach organizational defenses around API security," the authors of the report said, adding that because many technologies rely on APIs, API attacks can increasingly impact data security.
Additionally, 77% of the respondents said that there’s a significant risk that AI models, such as large language models (a type of machine learning model), may introduce security vulnerabilities when integrated into their API ecosystem.
According to the survey, increased monitoring and traffic analysis are the most popular measures organizations are taking to secure APIs against AI-enhanced threats. Other measures include educating staff, using AI-driven threat detection systems, leveraging API security solutions with AI and machine learning capabilities, and partnering with third-party security services firms.
The survey also revealed that there’s a "notable difference" between how seriously organizations in the UK and the US seem to consider AI-enhanced threats. For example, 13% of the respondents in the US say they’re taking no specific measures for AI threats compared to 4% in the UK.