Generative AI has taken the world by storm, marking a new era of how people interact with technology, the internet and the world. As the applications of artificial intelligence (AI) continue to proliferate, it is crucial for leaders and their cyber teams to reflect on the potential risks of implementing these technologies in their day-to-day operations. Claire Trachet, CFO of YesWeHack, highlights the threats and opportunities of AI and the likely correlation this will have with the growth of the cybersecurity sector in coming years.

According to a recent report by Mckinsey, the use of AI in business has increased by more than 270% in the past four years, a staggering 65% of companies with high AI adoption rates reported revenue increases of more than 10% – indicating a clear operational advantage of AI implementation. However, as the use of digital technologies becomes streamlined by organisations across the world, cybersecurity risks continue to increase alongside them. According to Trachet, “AI offers incredible potential to improve cybersecurity, but it is not a silver bullet”.

Trachet was appointed CFO of YesWeHack – a leading bug bounty program – following her tenure as CFO of Dathena – an artificial intelligence-powered data protection and privacy management company – which was then acquired by Proofpoint in early 2022. Trachet discusses the potential for AI to enhance the capabilities of security professionals by automating tasks such as threat detection and response, and enabling faster incident response times.

However, she also warned of the possibility of cybercriminals using AI to launch even more sophisticated attacks, highlighting the importance of ongoing innovation and investment in cybersecurity. A recent survey by BlackBerry found that 51% of IT leaders believe there will be a successful cyberattack credited to ChatGPT within the year. A further 51% of respondents from a McKinsey Global Survey on AI stated they’re working to ease cybersecurity risks that are AI-related.

A report from BDO published in September of 2022, found UK businesses were facing an average of 65,000 attacks per day in 2020. The findings of the report show SMEs are particularly vulnerable to cyberattacks with 36% of those surveyed stating they’ve experienced an attack in the previous 12 months. Another report by Mckinsey conducted in October of 2022 – which analyses the state of the cybersecurity market – saw only a quarter (26%) of organisations recognize they have a cybersecurity strategy in place that is fully aligned with their overall business strategy. Cybercrime is expected to cost the world $10.5 trillion annually by 2025, according to Morgan Stanley.

Mckinsey’s cybersecurity report forecasts the global market opportunity to be at an estimated worth of $2 trillion by 2030. The report also highlights that the cybersecurity market is expected to grow at a compound annual growth rate of 10% over the next decade, however, Morgan Stanley indicates this will be closer to 12-15%.

For cybersecurity companies looking to attract investment or a potential M&A, CEO of Trachet and CFO of YesWeHack, Claire Trachet, outlines some key considerations to remain a competitive prospect in an increasingly competitive space:

“For cybersecurity companies looking to attract investment or a potential M&A, it is important to focus on innovative technologies that can tackle new and emerging threats, as well as having a clear go-to-market strategy and demonstrating strong financial performance. The ability to demonstrate clear return on investment for customers is also crucial, as is the ability to integrate with other security technologies and platforms.

“Most sectors are cyclical and rely on a positive economic setting to drive investment, cybersecurity, on the other hand, you could argue that cybersecurity is counter-cyclical, as it will be in times of hardship that cybersecurity can see more investment. In addition to this, there is a massive shortage of talent because companies are turning to digitalisation using websites, apps, generative AI, and more.

“As the technology space expands, there is an increase in government regulations, which places more pressure on companies who could risk millions if the correct measures are not implemented. This means it is vital for companies to have some form of risk management, even if that means paying for specialists who can validate those risks.”