While CISOs are focused on protecting their organizations from risk, they are also business leaders, helping to securely implement new technologies that drive growth and create efficiencies. Since the launch of ChatGPT in late 2022, CISOs have been evaluating its potential and its risks.
Recently, we asked CISOs in our communities around the world for their thoughts on generative AI and its opportunities and risks. Here is what nearly 400 security leaders told us about generative AI and its impact on the future of business.
Are CISOs Currently Using It?
60% of CISOs report that they are currently using ChatGPT or another generative AI tool – the highest percentage across the C-suite roles we surveyed. When asked how they are using it, CISOs’ comments suggest that they are investigating it, including “ad hoc in an investigative manner,” “currently only testing its functionality,” and “investigating its use cases.” Among the CISOs who are not currently using it, they shared reasons such as “hesitation on risk,” “legal and cybersecurity implications still unknown,” and “no identified business case yet.”
Do They Have a Company Policy?
41% of security leaders say their organization is in the process of developing an approach to generative AI, but does not have one yet, and 26% report that some employees are allowed to use it, depending on the department. Twenty-one percent currently allow all employees to use AI tools.
What’s Their Outlook?
CISOs are quite positive about the future outlook of AI with 76% of them saying they have a “very positive” or “somewhat positive” outlook. Twenty-one percent are neutral, representing one of the higher percentages of neutral sentiments than other C-suite roles. Less than 3% of security leaders feel somewhat or very negative about AI and its future impact on business.
What Are the Opportunities?
About one-third or 30% of CISOs think that AI will improve their processes, and 28% predict that it will automate redundant tasks. Twenty-five percent believe that AI tools will provide insights. Other comments about what it could do in the short- to mid-term include “code generation,” “assist with creating content,” and “improve customer service.”
What Is the Future Impact?
Looking to the future, 27% of CISOs think that AI will generate operational efficiencies, and 24% believe it will eliminate tedious tasks from the workforce. Nineteen percent also say that generative AI will improve customer service. A few CISOs said it will do all of these things, while others noted that the impact was “unknown” at this time.
What Are Their Concerns?
CISOs’ top concerns about generative AI tools are data privacy (23%) and security risks (23%). Anecdotally, they shared concerns about “accuracy,” “legal issues,” and if it would be “used maliciously by cyber threat actors.”
What Are Employees’ Concerns?
50% of CISOs believe their employees are concerned about their roles being replaced by AI. Twenty percent report that employees worry it will cause general disruption. In the “Other” comments, some security leaders said that they had not heard employees voice any concerns yet, while a few others believe their employees are concerned about “not being able to use it” or the organization “being too restrictive.”
Future Impact of Generative AI
We asked CISOs what they think the impact of AI could be on business in the future. They were generally optimistic about the possibilities, with some reporting concerns, such as “more breaches and reputational harm” and “introducing new cyber threats.” One CISO simply said, “Fortune will favor those who know how to leverage it.” Here is a sample of their comments:
Create new and innovative solutions. Expedite time to market.”
Redefine the workforce, eliminate low-level jobs, but create opportunities for new jobs.”
Augment, not replace, administrative jobs.”
The ability to utilize and find new and unique data insights.”
Are you a CISO navigating the changes brought about by generative AI? Find an opportunity to collaborate with your peers or join a community at Evanta.com.
Based on 380 CISO responses to Evanta’s Community Pulse Survey, June 2023.
by CISOs, for CISOs
Join the conversation with peers in your local CISO community.