A bare half, 51 per cent of UK CISOs feel confident in their ability to handle a cyber crisis, according to a survey for a platform. In addition, according to the management consultancy McKinsey, 32pc of cyber professionals are reporting a skills gap in AI and machine learning. The UK’s Cyber Security and Resilience Bill is a step forward to solve this gap, but lacks recognising the importance of training, which is central to confidence in combatting emerging threats, including AI, according to Hack The Box. Censuswide’s survey of 200 CISOs from the UK and US aged 18 and over ran in December 2024.
It says that AI security upskilling would support cyber people in developing the skills necessary to intercept threats posed by AI, ensuring long-term resilience for businesses. Not only is AI being used by threat actors, but companies are increasingly integrating AI into business operations, Hack The Box says; from employee-accessed AI tools to internal large-language models and vast data lakes, organisations are deploying AI-driven, agentic workflows without robust security guardrails. In many cases, data governance measures are either insufficient or overlooked, allowing sensitive information to be accessed, processed, and shared without adequate oversight. The platform argues that traditional security playbooks quickly become inadequate in the face of evolving threats enabled by AI, underscoring the urgent need for more comprehensive and adaptive security frameworks and better data governance.
Comments
Haris Pylarinos, CEO and Founder of Hack The Box, said: โThis new UK regulation signals a meaningful shift in how cybersecurity is prioritised. Although as AI becomes more embedded in daily business operations, the risks it introduces canโt be fully mitigated through compliance alone. To keep pace with emerging threats and support organisations to embrace the full potential of AI, we need to equip cybersecurity teams with the skills, tools, and environments to integrally understand its full potential, as well as how it can be exploited.
โRather than focusing on regulating AI, the industry needs clear support and guidance on how AI can be used, and access to innovative training that helps professionals build real-world readiness. Thatโs where programs designed to bridge the skill gap in AI security will have the greatest long-term impact. We hope to see continued progress in this area as the Bill evolves.โ
And Nikolaos Maroulis, Vice President of AI at Hack The Box, added: โThis legislation will require all companies to have a seamless incident response plan. Yet, Hack The Box data also shows only 53pc of UK CISOs report having a cyber response strategy in place. This gap needs to be resolved rapidly, particularly in highly regulated industries such as the financial sector, which are at significant risk. As AI booms, cybersecurity professionals need to not only know how to defend against AI-led attacks but also know how to use these tools to their advantage. Whatโs needed is guidance, access to trusted training, and knowledge sharing. These foundations are essential to business success.โ
Visit: hackthebox.com.
