91% of Security Leaders Believe AI Set to Outpace Security Teams, Bugcrowd Report Finds
91% of Security Leaders Believe AI Set to Outpace Security Teams, Bugcrowd Report Finds
"Inside the Mind of a CISO" report uncovers CISO perceptions on AI threats, ethical hacking, and the expertise needed to address the cyber skills gap
“CISO思維剖析”報告揭示了首席信息安全官對於人工智能威脅、道德黑客和解決網絡安全技能間隙要求的認知。
SAN FRANCISCO, June 27, 2024 /PRNewswire/ -- Bugcrowd, the only multi-solution crowdsourced cybersecurity platform, released its "Inside the Mind of a CISO" report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO.
加州舊金山,2024年6月27日/美通社/-- Bugcrowd是唯一的多方位衆包網絡安全平台,發佈了他們的“CISO思維剖析”報告。該報告調查了來自全球的數百個安全領導者,揭示了他們對人工智能威脅的認知、他們的重點和不斷變化的作用以及針對首席信息安全官的常見誤解。
Money & Hiring
貨幣和招聘
Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers' long-term privacy or security to save money. This is explained in part by the fact that 40% believed that less than 1 in 3 companies truly understood their risk of being breached. Speaking of money, nearly 9 in 10 (87%) reported that they were currently hiring security staff and 56% stated that their security team was currently understaffed. And despite some common misconceptions around not needing a college degree, respondents reported that only 6% of cybersecurity leaders don't have a college degree and over 80% have a degree specifically in cybersecurity.
調查發現三分之一的受訪者(33%)認爲至少一半的公司願意爲了節省成本犧牲客戶的長期隱私或安全。這在某種程度上可以解釋,因爲40%的人認爲不到三分之一的公司真正了解它們被攻破的風險。就貨幣而言,近九成(87%)的人報告說他們正在招聘安全人員,而56%的人表示他們的安全團隊目前缺乏人手。儘管有一些關於無需大學學位的常見誤解,但受訪者報告說只有6%的網絡安全領導者不具備大學學位,超過80%的人擁有專門的網絡安全學位。
AI
人工智能
Despite plans to hire, 70% reported that they planned to reduce the security team headcount within the next 5 years due to the adoption of AI technologies. Over 90% believe that AI already performs better than security professionals, or at least will in the near future. AI isn't only seen as a benefit however, over half (58%) believe that the risks of AI are worse than its potential benefits.
儘管有招聘計劃,70%的人報告說他們打算在未來5年內由於採用人工智能技術而減少安全團隊人數。 90%以上的人認爲人工智能已經比安全專業人員表現得更好,或者至少在不久的將來會。人工智能不僅被視爲一種好處,超過一半的人(58%)認爲人工智能的風險比潛在好處更糟糕。
CISO Perspectives on Ethical Hacking
首席信息安全官對道德黑客的看法
Due to concerns around the malicious use of AI by attackers, 70% of security leaders turned towards using crowdsourced security for testing their AI defenses. In fact, more than 7 in 10 (73%) of security leaders view ethical hacking in a favorable light and 75% of them actually have experience with it themselves. With modern day threats being more evasive and adaptive than they've ever been – 89% believe there are more threats and they are more serious – it's imperative that crowdsourced security be the center of an organization's cybersecurity strategy.
由於擔心攻擊者惡意使用人工智能,70%的安全領導者轉向使用衆包安全測試其人工智能防禦能力。實際上,超過7成(73%)的安全領導者對道德黑客持有積極看法,其中75%的人也有此類經驗。由於現代威脅比以往任何時候都更具隱秘性和適應性,89%的被調查者認爲威脅更多且更嚴重。因此,衆包安全必須成爲組織網絡安全策略的核心。
"The CISO role is evolving. Given the current risk landscape and the need to prioritize security over resilience, the CISO has more responsibility than ever before," Nick McKenzie, CISO at Bugcrowd. "Bridging the gap between CISOs and the collective ingenuity of hackers is key to shielding organizations from the increasing onslaught of AI threats and attacks."
“CISO的角色正在演變。鑑於當前的風險環境和優先考慮安全而非恢復力的需求,CISO的責任比以往任何時候都更大,” Bugcrowd首席信息安全官尼克·麥肯齊說。 “彌合CISO和黑客集體智慧之間的差距對於保護組織免受人工智能威脅和攻擊日益加劇至關重要。”
As the cybersecurity landscape continues to evolve, professionals and organizations must remain ready to adapt to the latest trends and emerging technologies such as AI and the implementation of crowdsourced cybersecurity. The Bugcrowd Platform connects organizations with trusted hackers to proactively defend their assets against sophisticated threat actors. In this way, CISOs can unleash the collective ingenuity of the hacking community to better uncover and mitigate risks across applications, systems, and infrastructure.
隨着網絡安全態勢不斷演變,專業人員和組織必須準備好適應最新趨勢和新興技術,如人工智能和衆包網絡安全。 Bugcrowd平台將組織與信任黑客聯繫起來,以預防性地保護他們的資產免受複雜的威脅行動者攻擊。因此,CISO可以釋放黑客社區的集體智慧,以更好地了解和降低應用、系統和基礎設施中的風險。
Access the full report
獲取完整報告
This report analyzed 209 survey responses from security leaders across the globe, including North America, South America, Europe, Asia, Australia, and Africa – all fully employed at organizations of varying sizes. It defines "security leaders" as anyone with one of the following titles—CISO, CIO, CTO, Head of Security, or VP of Security.
本報告分析了全球各地的209位安全領導者的調查反應,包括北美、南美、歐洲、亞洲、澳大利亞和非洲各地的組織中的完全就業人員。它將“安全領袖”定義爲以下任一職務的任何人—CISO、CIO、CTO、安全負責人或安全副總裁。
The full report dissects the top priorities of CISOs, addresses the most common misconceptions, uncovers their perceptions on the threat landscape and provides a closer look at what an "Offensive Security CISO" looks like and how hackers and security leaders can join forces. To access all the rich insights and data excavated from the team, click the link here.
完整報告詳細說明了CISO的首要任務,解決最常見的誤解,揭示他們對威脅態勢的看法,並更加詳細地了解了“攻擊性安全CISO”的外貌以及黑客和安全領導者如何聯手。要了解從該團隊抽取的所有豐富的見解和數據,單擊此處的鏈接.
To download a copy of the Inside the Platform: Bugcrowd's Vulnerability Trends Report, which shows the types of vulnerability submissions that are on the rise today according to global hackers, click here.
要下載Inside the Platform:Bugcrowd漏洞趨勢報告的副本,該報告展示了全球黑客,點擊這裏.
To learn more about how the Bugcrowd Platform can help CISOs protect their organizations from cyber risk, visit the link here.
請訪問此處的鏈接以了解Bugcrowd平台如何幫助CISO保護他們的組織免受網絡風險。訪問此處的鏈接
About Bugcrowd
關於Bugcrowd
We are Bugcrowd. Since 2012, we've been empowering organizations to take back control and stay ahead of threat actors by uniting the collective ingenuity and expertise of our customers and trusted alliance of elite hackers, with our patented data and AI-powered Security Knowledge Platform. Our network of hackers brings diverse expertise to uncover hidden weaknesses, adapting swiftly to evolving threats, even against zero-day exploits. With unmatched scalability and adaptability, our data and AI-driven CrowdMatch technology in our platform finds the perfect talent for your unique fight. We are creating a new era of modern crowdsourced security that outpaces threat actors.
我們是Bugcrowd。自2012年以來,我們一直致力於通過將客戶的集體智慧和專業知識與我們的專利數據和人工智能驅動的安全知識平台中信任的精英黑客聯合起來,使組織重新掌控並保持領先地位,以對抗威脅行動者。我們的黑客網絡通過帶來多樣化的專業知識來發現隱藏的弱點,迅速適應不斷進化的威脅,甚至對抗零日攻擊。我們的數據和人工智能驅動的Platform的CrowdMatch技術具有無與倫比的可擴展性和適應性,可以爲您的獨特戰鬥找到完美的人才。我們正在創造一種新的現代衆包安全時代,它趕超了威脅行動者。
Unleash the ingenuity of the hacker community with Bugcrowd, visit . Read our blog.
通過Bugcrowd釋放黑客社區的智慧,訪問。(閱讀我們的博客。)
"Bugcrowd", "CrowdMatch" and "Security Knowledge Platform" are trademarks of Bugcrowd Inc. and its subsidiaries. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
“Bugcrowd”、“CrowdMatch”和“Security Knowledge Platform”是Bugcrowd Inc.及其子公司的商標。這裏提及的所有其他商標、商號、服務標誌和標誌均屬其各自公司的財產。
Contact
Nathaniel Hawthorne
Lumina Communications for Bugcrowd
[email protected]
[email protected]
聯繫人
納撒尼爾·霍桑
Bugcrowd的Lumina Communications
[email protected]
[email protected]
SOURCE Bugcrowd
來源Bugcrowd
譯文內容由第三人軟體翻譯。