Decoding the Impact of GenAI on CISOs

By Harold Rivas · July 10, 2024

As we head into the second half of the year, GenAI and its potential impact are creating a defining moment for CISOs everywhere. AI and GenAI are already causing many of us to consider how our role will change in the next couple of years and how these technologies will affect the cybersecurity landscape.

For CISOs, GenAI can be a double-edged sword, presenting both risk and opportunity. We’ve seen an acceleration of capabilities from threat actors and an increased capability for defenders. A new joint research report from Trellix and the Center for Strategic and International Studies (CSIS) captures the dual nature of this moment. The Mind of the CISO: Decoding the GenAI Impact reveals insights from more than 500 security leaders on how AI and GenAI are affecting the role of the CISO and how they have the potential to both hinder and enhance cybersecurity operations. It’s an eye-opening report on the challenges CISOs face today, their pressure, and their position as essential cybersecurity leaders.

How CISOs see GenAI and AI

While AI and ML capabilities in cybersecurity have been around for years, the speed at which the disruption is happening with GenAI is something new—and it’s causing CISOs to ask, What does it mean for us and our organizations?

The Mind of the CISO report paints a compelling picture of how CISOs grapple with these changes. Here are some key stats that stand out—and note the high levels of agreement, signaling that GenAI is having a significant impact on CISOs everywhere:

• 91% of CISOs expressed excitement about the prospects and opportunities GenAI and AI will bring to their organizations
• 100% of the CISOs from organizations that already use GenAI believe it is enhancing their cybersecurity processes and/or technologies
• 92% reported that GenAI has made them contemplate their future as a CISO
• 90% of CISOs shared that they find themselves under increased pressure

Accelerating the defender – the potential benefits of GenAI

As a CISO myself, these stats are borne out in conversations I have with my peers. As essential leaders in our organizations, we are meeting the moment as we educate our boards and manage these risks. At the same time, we’re facing increased stress and pressure, including the potential for personal liability.

One challenge of the role is that, seemingly overnight, a novel attack technique can emerge for your industry and completely change your security posture, investments, and strategy. With GenAI, we’ve added a massive accelerator that gives disproportionate capability to an attacker and allows them to innovate very rapidly. Ultimately, we’re in a game where we lose if they score one time. That’s a very challenging position, and that may be why more than 90% of CISOs in the survey are reconsidering their future based on GenAI.

At Trellix, the question we’re looking at is, How do we accelerate the defender? In cybersecurity, we know there are not enough people, and it’s hard to find analysts and train them. As a CISO, I want something to give me a leg up. How can I take my most junior analysts and make them senior individuals? As part of our defense, we’re introducing GenAI capabilities to aid junior SOC analysts and provide the benefit of decades of knowledge on how an incident should be handled. I think of GenAI as a senior SOC analyst sitting alongside and saying, “You may want to look at that.” In the Mind of the CISO report, 89% of CISOs agree adopting and integrating GenAI tools will help address security operations staffing issues within their organization.

3 recommendations for CISOs on GenAI

I’ve recently written and spoken widely about AI and GenAI because they are pivotal for CISOs. Here are a few recommendations I have for CISOs who are starting to explore GenAI.

First, if you’re not already using a GPT (generative pre-trained transformer), start now. I am actively using multiple GPTs. I highly recommend that CISOs everywhere really leverage this capability to accelerate their ability to consume vast amounts of information. On my own, I already consume a lot of information, but this is helping to summarize it and get me up to speed quickly.

Second, start leveraging GenAI tools within your organization. At Trellix, we’re leveraging GenAI capabilities internally and integrating them into our portfolio of products. I manage the internal program and the adoption of GenAI, so I am considering how developers and engineers might use it. Governance is a big component of this, and I think that’s part of the soul-searching that CISOs are doing everywhere. We’re adopting a new technology that has a force on and impacts the entire organization. Still, ultimately, we’re governing another piece of technology and must find effective ways to do that.

Third, start to integrate AI and GenAI tools within your security workflows. In our product portfolio, we’ve introduced Trellix Wise—GenAI capabilities for cybersecurity. Wise extends across the Trellix XDR Platform to automate and accelerate workflows and improve incident response, threat detection, prevention, and remediation.

I feel strongly that AI will fundamentally change our industry and what we do. We have a couple of choices. We can turn away, or we can lean into it and say this is going to be transformative to businesses everywhere. It’s my belief that as CISOs, we should lean in more heavily and augment our cyber skills with those of AI.

Read the 2024 Mind of the CISO report: Decoding the GenAI Impact and register for our GenAI virtual summit.