A majority of chief audit executives and information technology audit leaders consider cybersecurity to be a top risk over the next year, but they're less concerned about artificial intelligence, according to a new survey.
The
However, while AI may not be seen as an immediate threat, it is rising quickly as a risk. Over half (54%) of the survey respondents believe advanced AI systems, including generative AI, present substantial risks in the next two to three years. Few organizations believe their level of preparedness or the proficiency of their technology audit group in handling AI, generative AI and machine learning risks are at acceptable levels.
Other areas identified as significant threats over the next 12 months include third parties and vendors (60%), data privacy and compliance (58%), and transformations and system implementations (55%).
Companies are focused now on hiring talent to handle such risks, as well as retain and upskill their existing current employees to lessen their exposure to cyber and AI-related risks.
"When it comes to technology challenges, not only are companies facing a wide range of threats, but each of these threats is changing at an alarming rate," said Angelo Poulikakos, global leader of Protiviti's technology audit and advisory practice, in a statement. "Risks related to cyber and AI look radically different than a few years ago, and will surely continue to evolve. Companies that conduct internal audits more frequently and integrate advanced analytical tools and techniques into their audit processes will be more on top of these changes and consequently more prepared when real issues arise. Many organizations are now dealing with the strategic risks of the long-term talent gap, which is why we're seeing more CAEs and auditors recognize this challenge."
The research report is available for download, along with an infographic and podcast about the survey results,
