Only 13% use AI-specific protection, says Wiz – Virtualization Review

Applications of AI
Michael LewisLeave a Comment on Only 13% use AI-specific protection, says Wiz – Virtualization Review


news

AI boom, but cloud security lag: only 13% of AI-specific protections, Wiz says

A new study from Wiz found that nine out of ten organizations already use AI services in the cloud, while less than a seventh of them implement AI-specific security controls. With Shadow AI rising and hybrid cloud architectures bringing complexity, security teams face key skills and touring gaps that could undermine enterprise AI initiatives, the report shows.

AI adoption outweighs security expertise
According to a report released last week, AI Security Preparation: Insights from 100 cloud architects, engineers and security leaders show that 87% of organizations already use AI services such as Openai and Amazon Bedrock. However, 31% of respondents identified a lack of AI security expertise as the biggest concern, making it the most commonly cited challenge.

What are your organization's top AI security challenges?
[Click on image for larger view.] What are your organization's top AI security challenges? (Source: Wiz/GatePoint).

“Security teams are being asked to protect systems that are not fully understood,” the report said. Touring and automation are called “important” until that skill gap is addressed.

Traditional controls still dominate
Currently, only 13% of organizations use AI-specific security attitude management (AI-SPM) tools. Instead, most rely on traditional controls that are more suitable for legacy environments.

  • Safe Development Practices: 53%
  • Tenant separation: 41%
  • Audit to identify shadow AI: 35%
What strategies are you implementing to manage your AI security risks?
[Click on image for larger view.]What strategies are you implementing to manage your AI security risks? (Source: Wiz/GatePoint).

While these are still important, this report highlights that it is not designed to address the unique risks of AI systems, such as lateral model access, poisoned training data, and unsupervised use of the generation API.

Cloud complexity increases risk and reduces visibility
Hybrid and multicloud deployments are standard, with 45% of organizations running in hybrid environments and 33% running in multicloud. However, 70% of respondents still rely on endpoint detection and response (EDR), a toolset built for centralized architectures.

The following table summarizes the cloud usage between the organizations being studied.

Architecture percentage
Hybrid Cloud 45%
Multi-cloud 33%
Single Cloud twenty two%

Meanwhile, 25% of respondents admitted they were unaware that the AI ​​service is currently running in the environment.

Security needs go beyond technology
The most desirable features of AI security tools reflect broader operational and workflow concerns. According to the survey:

  • 69% Prioritization Data Privacy
  • 62% cited threat visibility
  • 51% wanted ease of integration
Which AI services and technologies are currently running in your environment?
[Click on image for larger view.]Which AI services and technologies are currently running in your environment? (Source: wiz).

The report warns that difficulty in integrating with DevOps workflows is a major barrier to adoption. Distributed experiments also create blind spots that cannot be addressed by traditional security models.

AI security maturity model
Wiz maps AI preparation in a wide range of cloud security maturity frameworks and explains four stages of AI security maturity that coincides with the five phases of cloud security development.

step Maturity stage explanation
1 Experimental AI High-risk use of AI with limited visibility and shadow development
2 Early Governance Basic controls are in place, but the inherent risks of AI are not well managed
3 AI Integrated Security Built-in controls, AI-SPM tools in use, and improved governance
4 Aggressive AI Secops Automation and real-time response to AI is risky across the environment
Cloud Security Maturity Framework
[Click on image for larger view.]Cloud Security Maturity Framework (Source: wiz).

Most organizations remain in phase 1 or 2, according to the report.

Recommendations for filling the gap
To move forward, the report outlines key actions for IT and security teams.

  • Adopt tools to continuously discover AI models and shadow services
  • Shifts security left to the previous stage of SDLC
  • Check the policies that follow workloads in multicloud and hybrid environments
  • Provide AI-specific training to security professionals

“We cannot make security respond,” the report concludes. “It has to be continuous and aggressive.”

About the survey
The WIZ Report is based on responses from 100 cloud professionals, including architects, engineers, directors and C-level leaders, spanning 96 organizations across multiple industries. This study was conducted by Gatepoint Research in late 2024.

About the author


David Ramel is the editor and writer of Converge 360.





Source link

Related Posts

AI chatbot answers health questions with moderate overall accuracy

Michael Lewis

Polish HRTech startup Global Work AI secures €2 million to power automation applications and launch AI career assistant

Mike lewis

BreachLock extends Adversarial Exposure Validation (AEV) to web applications

Michael Lewis

Leave a Reply

Your email address will not be published. Required fields are marked *