### Organizations Wary of AI-Powered Threats to Cloud Security, Palo Alto Networks Report Finds
A recent report by Palo Alto Networks, titled “The State of Cloud Native Security,” highlights growing concerns among organizations regarding the security of their cloud infrastructures in the face of AI-powered attacks. The report, which surveyed over 2,800 information security professionals, reveals that a significant number of respondents view AI-powered threats as a major challenge that could bypass traditional defense mechanisms. With generative AI technologies like ChatGPT gaining prominence, the fear of AI-generated code introducing vulnerabilities and the potential for AI-powered attacks are among the top concerns. Additionally, the report touches on issues such as API risks, inadequate access management, and the rise in cloud security incidents, underscoring the complex landscape of cloud security and the emerging threat of AI.
A recent report by Palo Alto Networks, released on Wednesday, highlights growing concerns among organizations regarding their cloud security, particularly in the face of AI-powered threats. The report, named “The State of Cloud Native Security,” is based on a survey involving over 2,800 information security professionals who are well-acquainted with their organization’s cloud infrastructure or security. These individuals range from executive leadership to relevant security, IT, or development practitioners.
A significant portion of the survey’s findings points to the rising apprehension about generative AI technologies, such as those exemplified by OpenAI’s ChatGPT, which was made public in the fall of 2022. According to the survey, 43% of the respondents believe that AI-powered threats will bypass traditional defense mechanisms, becoming a more prevalent threat vector. Additionally, 38% of those surveyed identified AI-powered attacks as a primary concern for cloud security.
Interestingly, the survey revealed that the top threat concern in cloud security is the risk posed by AI-generated code, with 44% of respondents placing it first. This concern is followed by API risks and inadequate access management, with AI-powered attacks also ranking high on the list. This is despite some experts considering generative AI as an emerging tool in the threat landscape, while non-AI issues are currently leading to numerous cyberattacks.
Palo Alto Networks’ report also indicates an uptick in cloud security incidents, with 64% of organizations experiencing data breaches. Other reported issues include an increase in compliance violations, insecure APIs, and operational downtime due to misconfigurations.
Amol Mathur, senior vice president and general manager of Prisma Cloud at Palo Alto Networks, shared insights with TechTarget Editorial, suggesting that the concern over AI threats is largely due to a lack of understanding of generative AI technology. Mathur emphasized that while organizations have established programs and tools to address traditional security issues, AI represents a relatively unknown and potentially impactful area.
The report further states that all surveyed organizations have adopted AI-assisted coding to some extent. However, Mathur cautioned that the use of generative AI in development has already led to vulnerabilities and poorly written code. A joint report by IBM and Amazon Web Services, presented at the RSA Conference 2024, supports this concern, showing that while a majority of C-suite executives recognize the importance of secure AI, only a small fraction include a security component in their AI-related products.
Mathur also highlighted that, despite improvements, issues such as identity threats and misconfigurations remain prevalent. He pointed out that many organizations still rely on fragmented tools that lack integration, underscoring the ongoing challenges in cloud security.
The report and Mathur’s comments underscore the evolving nature of cloud security challenges, particularly with the advent of AI technologies, and the need for a deeper understanding and integration of security measures in AI-related developments.