Canadian CEOs are growing increasingly concerned about their organizations' cybersecurity readiness, with the emergence of generative artificial intelligence (AI) seen as a looming threat.
This is according to KPMG's latest CEO Outlook, which found that nine in 10 CEOs are worried that the advent of generative AI could make their organizations more susceptible to breaches.
Although some CEOs did acknowledge the potential of generative AI, only 8% cited improved cyberattack response capabilities as a benefit of adopting the technology.
Meanwhile, 25% said they were worried that utilizing generative AI might lead to compliance and security issues, such as AI-armed adversaries.
Hartaj Nijjar, partner and national leader of KPMG in Canada's cybersecurity practice, said this apprehension toward generative AI is understandable since it can be challenging to gauge how such technologies can impact an organization's cybersecurity posture.
"Generative AI can help organizations bolster their security posture and gain efficiencies while doing so," he said. "However, the reality is cybercriminals will increase the use of generative AI in their attack strategies as well, and they can be much faster at adopting the technology than large organizations are."
In its poll of over 1,300 Canadian business leaders, KPMG found that only 56% believe their companies are adequately prepared for cyberattacks.
Less than 5% of those surveyed stated that their organization was "very well prepared" for a cyberattack.
As for the CEOs who indicated that their organizations were underprepared for a cyberattack, the primary reasons included:
Nijjar warned that organizations will likely see more generative AI-enabled attacks, "particularly through social engineering, where deepfakes can be deployed to fool employees into compromising company data and bypassing traditional access methods."
He emphasized the importance of preparedness for the evolving threat by establishing "robust defenses," including investing in cybersecurity technology and staff training.
"Organizations with strong cybersecurity fundamentals will be better equipped to deal with the unknown risks of evolving technologies like generative AI," Nijjar said.
What are your thoughts on this story? Feel free to comment below.
