Generative artificial intelligence ( Gen AI ) threats and increasing data breaches, talent drain, cloud management issues, phishing, data compliance and regulations are among the main cyber security concerns and challenges businesses are currently facing, according to a recent study.

The rise of GenAI is considered a threat by nearly all of the 1,200 IT and security professionals surveyed by cyber security company Bitdefender. Those surveyed ranged from manager to chief information security officer, all working in companies with 1,000 or more employees in geographical regions across the world, including France, Germany, Italy, Singapore, the UK and the US.

When asked how much of a threat GenAI technology is to the overall cybersecurity landscape, a remarkable 96% of all respondents agreed it’s a threat with more than a third ( 36% ) stating its use for manipulating or the creation of deceptive content ( deepfakes ) is a significant threat.

Interestingly, confidence ( or perhaps overconfidence ) in the ability to spot a deepfake type of attack ( audio/video ) was high with 74% believing colleagues in their department could do so.

Data breaches continue to increase year-over-year, the Bitdefender report notes, with more than half of all respondents ( 57% ) surveyed having experienced a data breach or data leak in the last 12 months, up 6% from the previous year when asked the same question.

At 73.5%, UK respondents experienced the most data breaches or leaks followed by Germany at 61%. Singapore experienced the least at 33% ( 24% below the average ).

And there is tremendous pressure driving security professionals to look for new jobs, with 64.3% of all respondents stating they will be looking for a new job in the next 12 months, up a considerable 25% when compared with last year’s result.

This finding correlates with 70.2% of respondents agreeing they must work weekends due to security concerns their company faces. Respondents in the UK were most likely to work weekends at 81% and German respondents are most likely to look for new jobs at 76.6% ( 12.2% higher than the average ).

Identity access management ( IAM ) and compliance, the report points out, are the top cloud challenges. When asked what the top security concerns are when it comes to managing cloud environments, 38.7% stated IAM, followed closely by maintaining cloud compliance at 38%.

Singapore respondents were well above the average ( 50.5% ) saying IAM was their biggest challenge. At 36%, shadow IT came in as a strong third overall followed by risk of misconfigurations at 34%. Additionally, when asked how risk is monitored across cloud infrastructure, only 44.6% of overall respondents say they conduct regular audits and assessments. 

Over 74% of those surveyed agree that phishing and social engineering have increased in sophistication. The top cybersecurity threats, according to overall respondents, are phishing and social engineering, and software vulnerabilities and zero-days, both at 32%, followed closely by GenAI’s influence on cyber threats and ransomware ( both at 29% ) and insider threats at 28%.

Over 74% of respondents say they have seen an increase in the sophistication of phishing attacks ( likely correlating to the sudden rise of GenAI ). Surprisingly, in the regions of France, the US and Germany, GenAI, the report shares, was seen as the top threat over ransomware at 35.5%, 34.3% and 32.8% respectively.

As well, respondents cited the top reasons for using or contemplating the use of a managed detection and response service. Over a third of respondents cited 24/7 security coverage as the number one reason, followed by access to high-level security analysts and the ability to proactively threat hunt, both at 29%.

Relating to managed services, an overwhelming 93% of respondents plan to increase investment in proactive cyber security measures ( for example, pen testing and red teaming ), with 37% stating it’s very likely. Singapore respondents were most likely to invest in proactive cyber security at 97%.

Data compliance and regulations, the report adds, are causing businesses to rethink their solutions strategy. When asked what the biggest challenge is about an organization’s current security solutions, adhering to data compliance and regulations was the number one challenge for 28% of all respondents.

Extending capabilities across multiple environments was a close second at 27.5%, followed by incompatibility with other security solutions at 25%. At 29%, or 5% above the average, respondents in the US were most concerned about how secure their third-party partners are.

“Businesses across every industry face unprecedented challenges posed by an increasing attack surface, zero-day vulnerabilities, cloud misconfigurations and new emerging threats driven by AI,” says Andrei Florescu, Bitdefender Business Solutions Group’s president and general manager. “The findings of this survey underscore a now vital approach to cyber security that layers threat prevention, protection, detection and response across all environments, including cloud infrastructure, services and supply chains.

“The goal of effective cybersecurity is not only stopping attacks at the door, but also to lower risk and optimize resources ( technology and people ) to help relieve pressure from security teams.”