Dive Brief:
- Security professionals consider AI-based security frameworks to be their best hope for improving cyber defenses in the near future, according to a report that Amazon Web Services published on Monday.
- Nearly 40% of respondents identified AI-based frameworks as their top priority for reducing cyber risk over the next three years, the report found, with 23% identifying AI-powered threat analysis and 17% identifying DevSecOps.
- The focus on frameworks over even threat detection reflects leaders’ focus on security governance, Amazon said, while more technical personnel “work to operationalize protection through integrated tools and processes.”
Dive Insight:
AWS’s report, based on a recent survey of 2,800 technology and security decision-makers, found that roughly a third of organizations already use AI agents for a wide variety of tasks, including identity management, threat monitoring and automated incident response. But one of the report’s most interesting findings is that interest in AI automation remains limited: Few organizations that aren’t already using AI for these activities plan to do so in the near future.
Even one of the biggest gaps between current and expected future AI use that Amazon found — automating security operations center (SOC) processes — barely represents a noticeable increase. Thirty-five percent of organizations said they were automating SOC processes now, while 38% said they expected to do so in the next year.
“Automating incident response and integrating AI agents into SOC workflows allow teams to detect anomalies sooner, contain breaches faster, and reduce fatigue from routine tasks, all essential as cloud environments scale in size and complexity,” AWS said in its report.
Still, respondents overwhelmingly agreed that security risks were a significant barrier to moving their data onto cloud platforms that used AI. Nearly 90% of respondents voiced that opinion; AWS said the remainder may have been “early adopters who have already set guardrails to pave the way for AI adoption.”
The AWS report also focused on cloud migration, offering a wealth of data about organizations’ decision-making around cloud platforms.
In particular, the report found that companies sticking to on-premises servers were primarily concerned with cybersecurity and privacy risks. Forty percent of respondents cited that factor, with 38% citing challenges integrating cloud platforms into legacy infrastructure and 33% citing cost concerns. Educational institutions and manufacturing firms were the most likely to cite cyber and privacy concerns, followed by retailers and energy utilities.
