An international hacking study shows that 72 percent of hackers believe that artificial intelligence (AI) will not replace human creativity in security research and vulnerability management.
Generative AI is a key topic in the Inside the Mind of a Hacker report. More than half of those surveyed (55 percent) said they can already surpass the capabilities of hackers or will be able to do so in the next five years. Almost three in four respondents (72 percent) believe that generative AI will not be able to surpass the creativity of hackers.
When asked how generative AI is being used, hackers cited automating tasks (50 percent), analyzing data (48 percent), identifying vulnerabilities (36 percent), validating results (35 percent), and conducting reconnaissance (33 percent). Nearly two in three respondents (64 percent) believe that generative AI technologies have increased the value of ethical hacking and security research.
Hacker Stereotypes
The stereotype that hackers are disproportionately male is proving to be accurate: 96 percent of respondents identified themselves as male and just 4 percent as female, with a further 0,2 percent identifying as non-binary or gender-neutral. Most hackers (82 percent) don't hack for a living, but consider it either a part-time job, a side hustle, or something they're about to turn into a full-time job. Only 29 percent named hacking as their full-time job. Motivations for ethical hacking were diverse, but the top motivators were personal development (28 percent), financial gain (24 percent), excitement (14 percent), and challenge (12 percent). Another 6 percent of respondents said they hack for the greater good, and 87 percent said reporting a vulnerability is more important than making money from it.
Hacking and vulnerability management
Opinions differ on how many companies know their true risk of a breach: 27 percent of respondents said that less than 10 percent of companies really know the risk. Another third of respondents (33 percent) said 10 to 25 percent of organizations know their risk, but just 16 percent said more than half of organizations know their true risk of a breach. Respondents painted a mixed picture of the global threat landscape. 84 percent said there have been more vulnerabilities since the start of the COVID-19 pandemic, and 88 percent said point security testing is not enough to keep organizations safe. Still, 78 percent of respondents confirmed that most organizations' attack surfaces are becoming increasingly difficult to compromise. Another 89 percent said companies are increasingly viewing ethical hackers positively.
More at Bugcrowd.com
About Bugcrowd
Bugcrowd, the only multi-solution crowdsourced cybersecurity platform, combines data- and ML-driven crowd-matching with decades of application experience to focus the right human creativity on the right problem at the right time. Trusted by companies around the world, the Bugcrowd Security Knowledge Platform™ makes it possible to find hidden vulnerabilities throughout their attack surface before they can be exploited, leveraging the knowledge of world-class ethical hackers. Bugcrowd is based in San Francisco and is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners.