Business leaders fear ‘catastrophic cyber attacks’ on back of generative AI

PwC digital survey also highlights sharp rise in the number of companies reporting €1 million data breaches

PwC survey found Irish companies understand the cyber risks posed by emerging technologies less than their global counterparts do. Photograph: iStock
PwC survey found Irish companies understand the cyber risks posed by emerging technologies less than their global counterparts do. Photograph: iStock

More than half of Irish and international business leaders believe generative artificial intelligence (AI) could cause “catastrophic cyber attacks” in the next 12 months, according to PwC’s latest digital trust insights survey.

The study also highlighted that the number of companies reporting they had experienced a data breach costing more than €1 million had increased by a third this year.

The survey of nearly 4,000 business and tech leaders across 71 countries, including Ireland, focuses on how the technology and security landscape is evolving and the resulting issues for firms.

Third-party breaches are viewed as the number one cybersecurity threat for Irish organisations but ransomware and business email compromise were also flagged as concerns.

READ SOME MORE

The survey highlighted an increasing concern about the rise of generative AI as it relates to cybersecurity. More than half (53 per cent) of Irish respondents expect it to lead to catastrophic cyber attacks in the next 12 months, in line with 52 per cent of respondents globally.

“Another surge in cyber threats may be coming due to the power of generative AI helping to create advanced business email compromise at scale,” it stated.

The survey also indicated that 58 per cent of Irish business leaders are planning to use AI tools for cyber defence while 69 per cent reported that they will increase their organisation’s 2024 cyber budget.

Perhaps more worryingly, fewer than half (42 per cent) of Irish respondents said that they understand the cyber risks posed by emerging technologies while just 45 per cent understand the cyber risks related specifically to generative AI and have included it in their formal risk management plans. That is significantly less than their global counterparts, at 58 per cent.

Increased regulatory scrutiny is expected to result in significant costs for Irish businesses, the survey said, noting 64 per cent of Irish leaders expect operational resilience regulation to be costly and disruptive.

‘Mam, my phone is broken’: Here comes the money scam using your own child’s voiceOpens in new window ]

Cybersecurity industry needs additional 1,000 workers a year to meet demand - reportOpens in new window ]

One of cybersecurity’s hottest topics right now is “Zero Trust”, a principle centred around putting data at the heart of security and risk-based decision making. The survey highlighted that Irish respondents have been slower off the mark than their peers globally in embedding this modern approach into cybersecurity.

Leonard McAuliffe, PwC Ireland head of cyber practice, said the survey showed cybersecurity “continues to be at the forefront of Irish business leaders’ minds”.

“Business leaders need to be agile and adapt to the changing market. With emerging tech developments such as artificial intelligence hitting the market in transformative ways, executives must challenge the status quo by building security into the fabric of their organisations instead of reacting once there is a crisis,” he said.

Mr McAuliffe said: “Organisations should adopt a responsible approach to generative AI and how it is used to enhance cybersecurity to ensure it is appropriately used. Although it’s often considered a function of technology, human supervision and intervention are essential.”

Eoin Burke-Kennedy

Eoin Burke-Kennedy

Eoin Burke-Kennedy is Economics Correspondent of The Irish Times