<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon

The State of AI in Cybersecurity Report by StrongDM

StrongDM manages and audits access to infrastructure.
  • Role-based, attribute-based, & just-in-time access to infrastructure
  • Connect any person or service to any infrastructure, anywhere
  • Logging like you've never seen

Artificial intelligence is reshaping industries across the board, and cybersecurity is no exception. But as AI evolves, so do the threats that keep cybersecurity professionals up at night. Just how serious is the concern? According to a StrongDM survey of 600 cybersecurity professionals, AI-driven threats are emerging as one of the top concerns for the future of cybersecurity. Here’s what we discovered.

Summary of Our Key Findings:

1. 76% of cybersecurity professionals believe AI should be "heavily regulated." Most experts agree that strict AI regulation is needed to mitigate risks, though some worry it could hinder innovation.

2. 87% of cybersecurity professionals are concerned about AI-driven threats. Nearly all respondents express concern over AI's role in emerging cyber threats, highlighting the urgency for stronger defensive measures.

3. Malware (33%) and data breaches (30%) top the list of AI-powered threats. Malware and data breaches are the biggest worries, showing how AI is enhancing these already serious threats.

4. Only 33% of cybersecurity professionals are "very confident" in their current cybersecurity defenses. Confidence in existing defenses is low, emphasizing the need for improved strategies against AI-driven threats.

5. 65% of companies admit they aren’t fully prepared for AI-driven cyberattacks. The majority acknowledge a lack of preparedness, revealing the need for greater investment in AI-focused cybersecurity measures.

6. 2 in 3 cybersecurity professionals feel optimistic about AI's impact on jobs. Despite concerns, most professionals believe AI will enhance job roles and create new opportunities, though some still fear job loss.

76% of Cybersecurity Professionals Believe AI Should be "Heavily Regulated"

As AI capabilities grow, so do concerns about its potential misuse. We wanted to see how professionals feel about the need for AI regulation.

A substantial 76% of respondents agree that AI should be "heavily regulated" to prevent misuse and mitigate potential risks. However, 15% of respondents disagreed, suggesting that over-regulation could stifle innovation and slow down AI’s potential to revolutionize cybersecurity defenses.

strongdm-ai-cyberserucity-report-6

This highlights a critical balance between safety and progress. Clear guidelines are needed to prevent AI abuse while still enabling technological growth. The industry must find a middle ground that ensures security without hindering innovation.

87% of Cybersecurity Professionals Are Concerned About AI-Driven Threats

AI is becoming a key part of cybersecurity, but it's also fueling concerns about new kinds of attacks. We wanted to see how worried professionals are about AI-driven threats.

The vast majority of survey respondents—87%—express concerns about the rise of AI-powered attacks. Among them, 39% are "very concerned," pointing to the immediate and significant risks that AI presents. Meanwhile, 48% are "somewhat concerned," recognizing both the opportunities and risks AI brings to the table.

strongdm-ai-cyberserucity-report-11
Only a small fraction—7%—believe that AI will enhance security more than it harms, and a mere 6% don’t see AI having a substantial impact on cybersecurity at all. 

These numbers show that while AI helps with defense, it also creates risks that can’t be ignored. Organizations need to be ready with better strategies to stay ahead.

Malware and Data Breaches Top the List of AI-Driven Threats

strongdm-ai-cyberserucity-report-2
AI makes cyber threats faster and smarter. We wanted to know which threats worry cybersecurity pros the most.

According to the survey, malware and data breaches are the top dangers AI introduces.

  • 33% of respondents identified AI-driven malware as their biggest concern, highlighting how AI can create more evasive and sophisticated forms of ransomware.
  • 30% flagged AI as a major enabler of data breaches, citing the technology’s ability to identify and exploit vulnerabilities faster than traditional methods.
  • 22% raised alarms about AI’s potential to enhance phishing attacks, making them more convincing and harder to detect.
  • 15% pointed to insider threats, where AI could be used to manipulate and exploit weaknesses within organizations.

This shows that AI is reshaping attack methods, making them more dangerous. Companies need proactive measures to handle these evolving risks.

Only 33% of Cybersecurity Pros Are Very Confident In Their Defense Against AI-Driven Threats

AI-powered attacks are outpacing current defenses. We asked professionals how confident they feel about their ability to respond.

Only 33% of cybersecurity professionals feel "very confident" in their organization’s ability to fend off AI-driven attacks. The majority—46%—expressed a cautious "somewhat confident" outlook, admitting there’s room for improvement. However, a concerning 17% believe their organizations are far behind and unprepared for what’s coming.

strongdm-ai-cyberserucity-report-3

This lack of confidence underscores the need for stronger defenses and more robust strategies tailored to the evolving AI landscape.

65% of Companies Are Not Fully Prepared for AI-Driven Cyberattacks

Being ready for AI-driven threats requires solid investment and strategy. We wanted to know how prepared companies really are.

Corporate readiness for AI threats is another area where the survey revealed serious gaps. While 32% of respondents said their companies are actively investing in AI defenses, 48% acknowledge that "there’s still a lot of work to be done." This points to a significant number of organizations still playing catch-up when it comes to building comprehensive AI-driven threat defenses.

strongdm-ai-cyberserucity-report-4

17% feel their companies are "far behind," and the need to ramp up efforts is urgent. These professionals are calling for more investment and training to prepare for the future of AI-augmented cyber threats.

This gap in readiness is a serious issue. Companies need to act fast to handle AI-driven threats.

2 in 3 Cybersecurity Professionals Feel Optimistic About AI's Impact on Jobs

AI isn’t just a looming threat—it’s also poised to reshape the cybersecurity workforce. The survey found that many professionals see AI as a tool that will enhance, not replace, jobs in the field. 

40% believe that "AI will enhance but not replace jobs," reflecting a positive outlook on the evolving role of technology in the field. Additionally, 25% see the potential for AI to create new job opportunities within cybersecurity.

strongdm-ai-cyberserucity-report-5
However, not all respondents share this optimism. 30% expressed concerns that AI could replace many cybersecurity jobs, fueling anxieties about the future.

When asked about concerns regarding AI-driven automation leading to job cuts, 40% reported being "somewhat concerned," while 22% were "very concerned." However, 21% indicated they are "not concerned," and 17% expressed optimism that AI will bring new opportunities.

Even with worries about job loss, many see AI as a tool to support and improve their work. This positive outlook suggests that adapting to AI could lead to growth in the field.

Methodology
StrongDM surveyed 600 US-based cybersecurity workers in October 2024. The survey was completed online via Pollfish, and responses were random, voluntary, and completely anonymous.


About the Author

, SEO Manager, has been managing SEO initiatives for companies and clients from different industries for more than five years. Evangelizing SEO within organizations and educating other team members on the best practices is his passion. Komron occasionally shares his expertise on various blogs and publications. To contact Komron, visit him on LinkedIn.

StrongDM logo
💙 this post?
Then get all that StrongDM goodness, right in your inbox.

You May Also Like

IP Whitelisting: Meaning, Alternatives & More
IP Whitelisting: Meaning, Alternatives & More [2024 Guide]
IP whitelisting is a security strategy that restricts access to a network/system to a specified list of trusted IP addresses. This approach ensures that only individuals using the approved addresses can access certain resources.
How to List Users in Linux (9 Methods with Examples)
How to List Users in Linux (9 Methods with Examples)
Need to keep tabs on who has access to your organization’s Linux system? This guide explores nine methods, with examples, that can help you quickly list users.
SCP Command in Linux: 10 Essential Examples
SCP Command in Linux: 10 Essential Examples
Discover 10 ways to leverage the SCP command in Linux. Learn how to incorporate options for specific file transfers and how to deal with common errors.
CyberArk-Wiz Partnership: Cloud Security or Cloud Confusion?
CyberArk-Wiz Partnership: Cloud Security or Cloud Confusion?
Yesterday, CyberArk announced a new partnership with Wiz, where they’re touting “complete visibility and control for cloud-created identities.” I know I’ve had my fun poking holes at CyberArk in the past, but with this announcement, they’ve just handed the world a glaringly tone-deaf admission of being outdated, un-innovative, and uninterested in what enterprise security teams actually want.
Mitigating Shadow Access Risks with Zero Trust PAM
Mitigating Shadow Access Risks with Zero Trust PAM
Discover how StrongDM's Zero Trust PAM and fine-grained authorization secure cloud data plane access and mitigate shadow access risks without hindering productivity.