{"id":1507,"date":"2025-05-10T00:12:11","date_gmt":"2025-05-10T00:12:11","guid":{"rendered":"https:\/\/violethoward.com\/new\/what-soc-tools-miss-at-213-am-gen-ai-attack-chains-exploit-telemetry-lag-part-1\/"},"modified":"2025-05-10T00:12:11","modified_gmt":"2025-05-10T00:12:11","slug":"what-soc-tools-miss-at-213-am-gen-ai-attack-chains-exploit-telemetry-lag-part-1","status":"publish","type":"post","link":"https:\/\/violethoward.com\/new\/what-soc-tools-miss-at-213-am-gen-ai-attack-chains-exploit-telemetry-lag-part-1\/","title":{"rendered":"What SOC tools miss at 2:13 AM: Gen AI attack chains exploit telemetry lag-Part 1"},"content":{"rendered":" \r\n<br><div>\n\t\t\t\t<p>It\u2019s 2:13 a.m. on a Sunday and the SOC teams\u2019 worst nightmares are about to come true.<\/p>\n\n\n\n<p>Attackers on the other side of the planet are launching a full-scale attack on the company\u2019s infrastructure. Thanks to multiple unpatched endpoints that haven\u2019t seen an update since 2022, they blew through its perimeter in less than a minute.\u00a0<\/p>\n\n\n\n<p>Attackers with the skills of a nation-state team are after Active Directory to lock down the entire network while creating new admin-level privileges that will lock out any attempt to shut them down. Meanwhile, other members of the attack team are unleashing legions of bots designed to harvest gigabytes of customer, employee and financial data through an API that was never disabled after the last major product release.<\/p>\n\n\n\n<p>In the SOC, alerts start lighting up consoles like the latest Grand Theft Auto on a Nintendo Switch. 
SOC analysts are getting pinged on their cell phones, trying to sleep off another six-day week during which many clocked nearly 70 hours.<\/p>\n\n\n\n<p>The CISO gets a call around 2:35 a.m. from the company\u2019s MDR provider saying there\u2019s a large-scale breach going down. \u201cIt\u2019s not our disgruntled accounting team, is it? The guy who tried an \u2018Office Space\u2019 isn\u2019t at it again, is he?\u201d the CISO asks half awake. The MDR team lead says no, this is inbound from Asia, and it\u2019s big.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-cybersecurity-s-coming-storm-gen-ai-insider-threats-and-rising-ciso-burnout\"><strong>Cybersecurity\u2019s coming storm: gen AI, insider threats, and rising CISO burnout<\/strong><\/h2>\n\n\n\n<p>Generative AI is creating a digital diaspora of techniques, technologies and tradecraft that everyone, from rogue attackers to nation-state cyber armies trained in the art of cyberwar, is adopting. Insider threats are growing, too, accelerated by job insecurity and growing inflation. All these challenges and more fall on the shoulders of the CISO, and it\u2019s no wonder more are dealing with burnout.<\/p>\n\n\n\n<p>AI\u2019s meteoric rise for adversarial and legitimate use is at the center of it all. Getting the most significant benefit from AI to improve cybersecurity while reducing risk is what boards of directors are pushing CISOs to achieve.<\/p>\n\n\n\n<p>That\u2019s not an easy task, as AI security is evolving very quickly. In Gartner\u2019s latest Dataview on security and risk management, the analyst firm addressed how leaders are responding to gen AI. 
They found that 56% of organizations are already deploying gen AI solutions, yet 40% of security leaders admit significant gaps in their ability to effectively manage AI risks.<\/p>\n\n\n\n<p>Gen AI is being deployed most in infrastructure security, where 18% of enterprises are fully operational and 27% are actively implementing gen AI-based systems today. Second is security operations, where 17% of enterprises have gen AI-based systems fully in use. Data security is the third most popular use case, with 15% of enterprises using gen AI-based systems to protect cloud, hybrid and on-premise data storage systems and data lakes.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img fetchpriority=\"high\" decoding=\"async\" width=\"689\" height=\"587\" src=\"https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/04\/Figure-1-Cybersecurity-Adoption-of-genAI-by-use-case-1.jpg\" alt=\"\" class=\"wp-image-3005710\" srcset=\"https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/04\/Figure-1-Cybersecurity-Adoption-of-genAI-by-use-case-1.jpg 689w, https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/04\/Figure-1-Cybersecurity-Adoption-of-genAI-by-use-case-1.jpg?resize=300,256 300w, https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/04\/Figure-1-Cybersecurity-Adoption-of-genAI-by-use-case-1.jpg?resize=400,341 400w, https:\/\/venturebeat.com\/wp-content\/uploads\/2025\/04\/Figure-1-Cybersecurity-Adoption-of-genAI-by-use-case-1.jpg?resize=578,492 578w\" sizes=\"(max-width: 689px) 100vw, 689px\"\/><figcaption class=\"wp-element-caption\"><em>Gartner\u2019s latest survey shows CISOs prioritizing gen AI adoption in infrastructure security, security operations, and data security, with application security and GRC lagging. 
Source: Gartner, Data Security in the Age of AI Advancements<\/em><\/figcaption><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-insider-threats-demand-a-gen-ai-first-response\">Insider threats demand a gen AI-first response<\/h2>\n\n\n\n<p>Gen AI has completely reordered the internal threatscape of every business today, making insider threats more autonomous, insidious and challenging to identify. Shadow AI is the threat vector no CISO imagined would exist five years ago, and now it\u2019s one of the most porous threat surfaces.<\/p>\n\n\n\n<p>\u201cI see this every week,\u201d Vineet Arora, CTO at WinWire, recently told VentureBeat. \u201cDepartments jump on unsanctioned AI solutions because the immediate benefits are too tempting to ignore.\u201d Arora is quick to point out that employees aren\u2019t intentionally malicious. \u201cIt\u2019s crucial for organizations to define strategies with robust security while enabling employees to use AI technologies effectively,\u201d Arora explains. \u201cTotal bans often drive AI use underground, which only magnifies the risks.\u201d<\/p>\n\n\n\n<p>\u201cWe see 50 new AI apps a day, and we\u2019ve already cataloged over 12,000,\u201d said Itamar Golan, CEO and co-founder of Prompt Security, during a recent interview with VentureBeat. \u201cAround 40% of these default to training on any data you feed them, meaning your intellectual property can become part of their models.\u201d<\/p>\n\n\n\n<p>Traditional rule-based detection models are no longer sufficient. 
Leading security teams are shifting toward gen AI-driven behavioral analytics that establish dynamic baselines of employee activity, identify anomalies in real time and contain risks and potential threats.<\/p>\n\n\n\n<p>Vendors, including Prompt Security, Proofpoint Insider Threat Management, and Varonis, are rapidly innovating with next-generation AI-powered detection engines that correlate file, cloud, endpoint and identity telemetry in real time. Microsoft Purview Insider Risk Management is also embedding next-generation AI models to autonomously identify high-risk behaviors across hybrid workforces.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-conclusion-part-1\">Conclusion \u2013 Part 1<\/h2>\n\n\n\n<p>SOC teams are in a race against time, especially if their systems aren\u2019t integrated with each other and the more than 10,000 alerts a day they generate aren\u2019t syncing up. An attack from the other side of the planet at 2:13 a.m. is going to be a challenge to contain with legacy systems. With adversaries being relentless in their fine-tuning of tradecraft with gen AI, more businesses need to step up and be smarter about getting more value out of their existing systems.<\/p>\n\n\n\n<p>Push cybersecurity vendors to deliver the maximum value of the systems already installed in the SOC. Get integration right and avoid having to swivel chairs across the SOC floor to check alert integrity from one system to the next. Know that an intrusion isn\u2019t a false alarm. Attackers are showing a remarkable ability to reinvent themselves on the fly. 
It\u2019s time more SOCs and the companies relying on them did the same.<\/p>\n\n\n\n\n\t\t\t<\/div>\r\n<br>\r\n<br><a href=\"https:\/\/venturebeat.com\/security\/what-your-tools-miss-at-213-am-how-gen-ai-attack-chains-exploit-telemetry-lag-part-1\/\">Source link <\/a>","protected":false},"excerpt":{"rendered":"<p>Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More It\u2019s 2:13 a.m. on a Sunday and the SOC teams\u2019 worst nightmares are about to come true. Attackers on the other side of the planet are launching a full-scale attack on the company\u2019s infrastructure. 
Thanks to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1508,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[33],"tags":[],"class_list":["post-1507","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-automation"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/violethoward.com\/new\/wp-content\/uploads\/2025\/05\/What-your-tools-miss-at-213-AM-How-gen-AI-attack-chains-exploit-telemetry-lag.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/posts\/1507","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/comments?post=1507"}],"version-history":[{"count":0,"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/posts\/1507\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/media\/1508"}],"wp:attachment":[{"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/media?parent=1507"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/categories?post=1507"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/violethoward.com\/new\/wp-json\/wp\/v2\/tags?post=1507"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}