GenAI enables cybersecurity leaders to hire more entry-level talent

93% of security leaders said public GenAI was in use across their respective organizations, and 91% reported using GenAI specifically for cybersecurity operations, according to Splunk.

A total of 1,650 security leaders participated in the global survey, with many reporting that cybersecurity has become easier to manage compared to past years. However, cybersecurity defenders now face a race against adversaries to harness GenAI.

Organizations lack a clear GenAI policy

According to the report, organizations have heavily adopted GenAI tools within their teams. Compared to organizations that are still developing a cybersecurity program, those with advanced approaches have significant budgets, resources, and authority and are well-positioned to embrace cutting-edge GenAI tools and technologies.

However, despite this widespread adoption, many organizations lack a clear GenAI policy or full grasp of the technology’s broader implications. Furthermore, cybersecurity leaders are divided on who will gain the upper hand in leveraging GenAI tools: cybersecurity defenders or threat actors.

Despite high adoption, 34% of surveyed organizations say they do not have a GenAI policy in place, and 65% of respondents admit to not fully understanding the implications of GenAI.

44% of respondents rank GenAI as a top initiative in 2024, surpassing cloud security as the top initiative. Cybersecurity leaders are split over who has the advantage when it comes to GenAI. While 45% of respondents believe GenAI will be a net win for threat actors, 43% said GenAI will give cybersecurity defenders the edge.

“We are in an AI gold rush, with bad actors and security professionals both trying to seize the advantage,” said Patrick Coughlin, SVP, Global Technical Sales, Splunk. “The introduction of GenAI creates new opportunities for organizations to streamline processes, increase productivity, and limit staff burnout. Unfortunately, GenAI also presents unprecedented advantages for threat actors. To combat this new threat landscape, defenders must outpace threat actors in the race to harness and securely deploy the power of GenAI.”

GenAI creates new opportunities for organizations

Cybersecurity hiring has proven to be a considerable challenge in recent years, especially for entry-level workers seeking to break into the industry. The report indicates that GenAI is a possible solution to this problem as it helps organizations discover and onboard entry-level talent more efficiently.

Additionally, the majority of cybersecurity professionals anticipate that GenAI will enhance their speed and productivity.

86% of cybersecurity leaders say GenAI can enable them to hire more entry-level talent to fill the skills gap, and 58% say onboarding entry-level talent will be quicker thanks to GenAI.

90% of security executives believe entry-level talent can lean on GenAI to develop their skills in the Security Operations Center (SOC), and 65% believe the technology will help seasoned cybersecurity professionals become more productive.

Security professionals face growing compliance pressures

The majority of security professionals are also facing growing compliance pressures. The implementation of stricter compliance requirements has significantly raised the stakes, particularly for security leaders who may personally face repercussions for the organizations’ violations. This changing compliance landscape underscores the need for increased vigilance and accountability within the security sector.

76% of respondents say personal liability has made cybersecurity a less attractive field, and 70% have considered leaving the field due to job-related stress.

62% of professionals report having already been impacted by changing compliance mandates requiring disclosure of material breaches. Meanwhile, 86% of security professionals say they will shift budgets to prioritize meeting compliance regulations over security best practices.

Many respondents also expect their organizations to be more risk-averse, with 63% expecting that organizations will err on the side of caution and overreport breaches as material to avoid penalties.

Fill out the form to get your free eBook:

First name *

Last name *

Email *

Job title *Please selectChief Information Security OfficerChief Security OfficerChief Technology OfficerCybersecurity DirectorCybersecurity ExecutiveCybersecurity LeadCybersecurity ManagerCybersecurity Product ManagerHead of Cyber SecurityHead of Information SecurityHead of ITInformation security DirectorInformation security ExecutiveInformation security LeadInformation security ManagerInformation security Product ManagerIT DirectorIT ExecutiveIT LeadIT ManagerIT Product ManagerOther CybersecurityOther ITOther Information SecuritySOC ManagerVice President

Company *

Country *Please selectAfghanistanAlbaniaAlgeriaAmerican SamoaAndorraAngolaAnguillaAntarcticaAntigua and BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbadosBelarusBelgiumBelizeBeninBermudaBhutanBolivia (Plurinational State of)Bonaire, Saint Eustatius and SabaBosnia and HerzegovinaBotswanaBouvet IslandBrazilBritish Indian Ocean TerritoryBrunei DarussalamBulgariaBurkina FasoBurundiCabo VerdeCambodiaCameroonCanadaCayman IslandsCentral African RepublicChadChileChinaChristmas IslandCocos (Keeling) IslandsColombiaComorosCongoCongo (Democratic Republic of the)Cook IslandsCosta RicaCroatiaCubaCuraçaoCyprusCzech RepublicCôte d'IvoireDenmarkDjiboutiDominicaDominican RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEswatini (Kingdom of)EthiopiaFalkland Islands (Malvinas)Faroe IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloupeGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard Island and McDonald IslandsHondurasHong KongHungaryIcelandIndiaIndonesiaIran (Islamic Republic of)IraqIreland (Republic of)Isle of ManIsraelItalyJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKorea (Republic of)KosovoKuwaitKyrgyzstanLao People's Democratic RepublicLatviaLebanonLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacaoMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesia (Federated States of)Moldova (Republic of)MonacoMongoliaMontenegroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorth Macedonia (Republic of)Northern Mariana IslandsNorwayOmanPakistanPalauPalestine (State of)PanamaPapua New GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto RicoQatarRomaniaRwandaRéunionSaint BarthélemySaint Helena, Ascension and Tristan da CunhaSaint Kitts and NevisSaint LuciaSaint Martin (French part)Saint Pierre and MiquelonSaint Vincent and the GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint Maarten (Dutch part)SlovakiaSloveniaSolomon IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth SudanSpainSri LankaSudanSurinameSvalbard and Jan MayenSwedenSwitzerlandTaiwan, Republic of ChinaTajikistanTanzania (United Republic of)ThailandTimor-LesteTogoTokelauTongaTrinidad and TobagoTunisiaTurkmenistanTurks and Caicos IslandsTuvaluTürkiyeUgandaUkraineUnited Arab EmiratesUnited Kingdom of Great Britain and Northern IrelandUnited States Minor Outlying IslandsUnited States of AmericaUruguayUzbekistanVanuatuVatican City StateVenezuela (Bolivarian Republic of)VietnamVirgin Islands (British)Virgin Islands (U.S.)Wallis and FutunaWestern SaharaZambiaZimbabweÅland Islands

State *StateALAKAZARCACOCTDEDCFLGAHIIDILINIAKSKYLAMEMDMAMIMNMSMOMTNENVNHNJNMNYNCNDOHOKORPARISCSDTNTXUTVTVAWAWVWIWY

Privacy policy *

• I have read and agree to the Privacy Policy and would like to be updated on ISC2 certifications, educational resources, and offers.

Submit