Three quarters of firms have halted AI projects over safety and security concerns – and cyber pros think things will deteriorate as models like Claude Mythos improve

Three quarters of companies have had to halt AI projects because of safety and security concerns over the last year, and systems like Claude Mythos are only going to make security teams' jobs harder.

That's according to a pair of surveys by Aikido and CybaVerse, which highlighted that AI is clearly becoming a security problem – a fact echoed by Five Eyes cybersecurity agencies warning that leaders need to act now to stay ahead of AI-related security risks.

"Adversaries are already using AI to move faster and more effectively. Defenders must do the same," said the UK's National Cyber Security Centre in a blog post.

Rolling out AI to solve the challenges of AI may not prove a simple solution, however. A survey from Aikido Security found that 76% of organizations polled had to stop, restrict, or roll back AI projects over the last year.

Latest Videos From

Watch full video here:

That figure rises to 98% for more active teams that are shipping multiple times a day.

The report found that seven-in-ten companies had a security issue that was harder to detect, investigate, or remediate because of AI, which again rose to 86% for daily shippers.

According to Aikido, the key challenge here lies in velocity. AI has accelerated the pace of development, meaning security teams have less time to spot flaws — and more arrive by the time the first round can be fixed.

Notably, the survey found that three quarters of those polled are rolling out significant production changes weekly – or faster – but only two-in-ten are validating security at that rate.

Because of that, nearly eight-in-ten are concerned about vulnerabilities being introduced between tests and half say test findings are outdated by the time they see them.

Rising AI security concerns

It's perhaps no surprise then that nine-in-ten security professionals see the rise of security-focused models such as Anthropic's Claude Mythos as increasing cyber risk for companies

According to a survey by CybaVerse, 86% of polled cyber pros believe AI systems like Mythos will cut the time it takes for hackers to spot and exploit flaws, leading to more patching. More than two-thirds said their employer lacks the budget to address that increased workload.

“Advanced AI platforms were blasted into the public domain and organizations had no time to prepare for the impact they would have on their cyber defences," said Oliver Spence, CEO of CybaVerse.

"Now that some of the largest technology companies in the world have access to these platforms, we are already seeing an increase in the volume of vulnerabilities being identified and disclosed, with the latest Patch Tuesday being the largest on record."

Looking ahead, security professionals aren't optimistic that AI will make the situation better. Indeed, three quarters believe an advanced AI system will eventually be weaponized by cyber criminals.

"This is something organizations must be prepared for because bulletproof security doesn’t exist," said Spence.

Back to basics

Spence added that core defense techniques haven't changed, even if AI has accelerated the pace of vulnerability discovery.

"Security teams still need visibility of their assets, they still need strong vulnerability management processes and they still need to prioritise remediation efforts based on risk," he said.

"Advanced AI may change the speed and scale of cyber threats, but the organizations that maintain strong cyber hygiene and focus on reducing exposure to their most significant risks will always be in the strongest position to defend themselves,” added Spence.

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.