PARIS, FR — janvier 28, 2025 —

Sophos, a global leader of innovative security solutions for defeating cyberattacks today released a new report, “Beyond the Hype: The Businesses Reality of AI for Cybersecurity,” which surveyed 400 IT leaders on their use of AI in security. The survey found that, despite 65% having adopted generative artificial intelligence (GenAI capabilities), 89% of IT leaders are concerned that flaws in GenAI cybersecurity tools could put their organization at risk.

Additionally, according to new Sophos X-Ops research, “Cybercriminals Still Not Fully on Board the AI Train (Yet),” also released today, there has been a slight but noteworthy shift in the way cybercriminals use AI. After investigating several underground forums, Sophos X-Ops found that, while there’s still skepticism about GenAI, some criminals are using it to automate mundane tasks, such as crafting bulk emails and analyzing data. Others are incorporating it into spam and social engineering toolkits.

“As with many other things in life, the mantra should be ‘trust but verify’ regarding generative AI tools. We have not actually taught the machines to think; we have simply provided them the context to speed up the processing of large quantities of data,” said Chester Wisniewski, director, global field CTO, Sophos. “The potential of these tools to accelerate security workloads is amazing, but it still requires the context and comprehension of their human overseers for this benefit to be realized.”

With some form of AI embedded in the cybersecurity infrastructure of 98% of organizations surveyed, IT leaders expressed concern about potential over-reliance on AI, with 87% of respondents stating they were concerned about a resulting lack of cybersecurity accountability.

GenAI and Reducing Burnout

Different-sized organizations expressed different priorities for utilizing GenAI. While large organizations (those with more than 1,000 employees) are prioritizing improved protection, respondents with 50-99 employees rated reducing burnout as their top desired benefit from GenAI tools. However, complicating matters, across all sizes of organizations, 84% of leaders surveyed said they were concerned about pressure to reduce cybersecurity professional headcount due to unrealistic expectations about AI’s abilities to replace human operators.

Other Key Findings from the “Beyond the Hype” Report:

  • Costs of GenAI Are Hard to Quantify: 75% of IT leaders agree that the costs of GenAI in cybersecurity products are hard to quantify.
  • Companies Are Counting on Savings from GenAI: While 80% of IT leaders believe that GenAI will significantly increase the cost of cybersecurity tools, most organizations believe GenAI offers a path to lowering overall cybersecurity expenditure with 87% of respondents believing the savings of GenAI will offset the costs.

To learn more about Sophos' AI solutions and its AI-powered cyber defenses, visit Sophos.com.

To learn more about IT leaders utilizing AI, read the report, “Beyond the Hype: The Businesses Reality of AI for Cybersecurity,” on Sophos.com.

To learn more about cybercriminal attitudes towards GenAI, read the report, “Cybercriminals Still Not Fully on Board the AI Train (Yet),” on Sophos.com.

À propos de Sophos

Sophos est un leader mondial de la cybersécurité qui protège 600000organisations à travers le monde grâce à une plateforme optimisée par l’IA et à des services fournis par des experts. Sophos accompagne les entreprises, quel que soit leur niveau de maturité en matière de cybersécurité, et évolue avec elles pour déjouer les cyberattaques. Ses solutions offrent une combinaison optimale entre apprentissage automatique, automatisation et renseignements sur les menaces en temps réel, à laquelle s’ajoute l’expertise humaine de l’équipe Sophos X-Ops, qui travaille en première ligne pour assurer la surveillance, la détection et la réponse aux menaces 24h/24 et 7j/7.
Sophos propose des services managés de détection et de réponse (MDR) de pointe, ainsi qu’un portefeuille complet de technologies de cybersécurité, parmi lesquelles des solutions de sécurité Endpoint, réseau, email et cloud, ainsi que des solutions de détection et de réponse étendues (XDR), de détection et de réponse aux menaces liées à l’identité (ITDR) et de SIEM de nouvelle génération. Associées à des services de conseil spécialisés, ces capacités aident les entreprises à réduire leurs risques de manière proactive et à répondre plus rapidement, tout en bénéficiant de la visibilité et de l’évolutivité nécessaires pour garder une longueur d’avance sur les menaces en constante évolution.
Sophos commercialise ses produits via un écosystème mondial de partenaires, comprenant des fournisseurs de services managés (MSP), des fournisseurs de services de sécurité managés (MSSP), des revendeurs et distributeurs, une marketplace d’intégrations et des partenaires spécialisés dans les cyber risques. Cette stratégie offre aux entreprises la flexibilité nécessaire pour choisir des partenaires de confiance pour protéger leurs opérations.  Le siège de l’entreprise est basé à Oxford, au Royaume-Uni. Plus d’informations sont disponibles sur www.sophos.fr.