Legacy Tech and AI Pose Mounting Challenges for UK IT and Security Teams

UK IT and security teams face mounting pressure from legacy technology

Across the globe, IT and security teams are facing a perfect storm of challenges. But research from a new Google Workspace survey, Security at a tipping point, suggests that in the UK, IT and security leaders are feeling the pressure more acutely than many of their global counterparts. In fact, the average cost of a data breach in the UK is 3.5 million GBP, which is 7.6% higher than last year. The results point to two key factors driving this trend: the burden of legacy technology and the rapid rise of generative AI, both of which are contributing to an increasingly complex and challenging threat landscape. While many organizations rely on legacy systems, they are increasingly a liability in today's rapidly evolving digital environment. The survey indicates that 75% of UK security leaders believe legacy technology has left them ill-equipped to handle the challenges of modern security threats, compared to 59% globally. This reliance on outdated technology is creating vulnerabilities that cybercriminals are all too eager to exploit. The problem is compounded by a reluctance to embrace change. The survey notes that organizations often opt to expand their existing security tools rather than replacing outdated tools with more modern, secure-by-design solutions. 62% of security decision-makers globally admitted to simply expanding their security tools rather than replacing them. This piecemeal approach to security not only fails to address the root of the problem but often exacerbates it by creating a complex and unwieldy security environment that is difficult to manage effectively. Generative AI: navigating the path to responsible innovation Generative AI is revolutionizing the way we work and live, bringing a wealth of opportunities. However, while AI can significantly enhance security, it also introduces new risks that require attention. The survey highlighted this duality, revealing that 77% of UK security leaders believe that generative AI usage has contributed to a rise in security incidents. This figure, 12 percentage points higher than the global average (65%), underscores the need for proactive measures to address the evolving security landscape. UK organizations have also been slow to act on these concerns: Only 27% of UK respondents said that they had introduced generative AI-specific security policies, compared to the global average of 41%. This increase in security concerns related to AI can be attributed to several factors, including the rise of "shadow AI" inside of companies - the use of generative AI tools that haven't been vetted and authorized by the IT and security teams. The challenge isn't that AI is inherently riskier, it's that unsanctioned and ad hoc use of "shadow AI" inside of companies creates an extremely challenging task for security administrators to protect what they can't see and can't measure. Enterprise-grade solutions, like Gemini for Workspace, offer a safer alternative that gives organizations the ability to get the most out of AI along with the security, compliance and confidentiality controls necessary to make it safe. The combined pressure of legacy technology and "shadow AI" has taken a toll on IT and security teams in the UK. 43% of UK IT and security leaders report that their teams are overwhelmed and burned out by security threats, 15 percentage points higher than the global average. This burnout is a clear indicator that the current approach to security is unsustainable and that a fundamental shift is needed. So what can UK organizations do to address these challenges? The security landscape is constantly evolving. Organizations in the UK that fail to adapt and invest in a more modern and holistic security approach risk falling victim to increasingly sophisticated and costly cyberattacks from commercially-driven criminal groups to state-sponsored adversaries. Watch this webinar to learn how digital workplace solutions from Google can help enable safer work across your organization.

Legacy tech, burnout, and AI -- Google report finds the biggest worries for security leaders right now

Generative AI is becoming more important to solutions and threats It probably won't come as a huge surprise that burnout is a significant concern for IT workers and security leaders, but new research from Google Workspace has claimed most are more worried about their teams being overwhelmed. The company's report found nearly half (43%) saw being overwhelmed as a serious concern, showing current approaches are unsustainable for many businesses. Overall, the report found nearly all (96%) of organizations said they were confident in their security posture, yet 81% reported experiencing at least one security incident per year, showing there is much work left to be done. The threat landscape is changing thanks to AI, and security teams are seeing more incidents than ever. The new research shows that 81% of organizations see at least one threat per year, with the average being 8 per year. This may not sound like much, but when the average cost of a data breach is now $4.45 million, even one incident per year can cripple an organization if they're not properly protected. Some risky behaviors were uncovered in the report, with 63% of respondents using unlicensed generative AI tools on a weekly basis, and almost half (48%) trust unlicensed gen AI tools to help them deal with threats. As might be expected, AI is at the forefront of security concerns, and while 93% of security decision makers are worried about incidents, the top breach issue is from generative AI attacks, with nearly a third (31%) identifying this as a primary concern. Gen AI as a security tool is also gaining traction, with 59% of security decision-makers seeing it as a key tool in combating evolving threats. Legacy tech was also identified as a major issue, which 75% of IT leaders say is leaving them ill-equipped to handle modern security threats. Nearly two-thirds (59%) of organizations admitted relying on outdated technology had hinders their security preparedness, and 71% said legacy technology has left them less prepared for the future. "The evidence from our research is clear: Organizations don't need more security products, they need more secure products," noted Andy Wen, Senior Director of Product Management, Security, Google Workspace. "If they're going to stave off a barrage of sophisticated attacks in the future, they need to move away from outdated solutions and approaches that were designed for the desktop era. They need to embrace secure-by-design solutions that address the modern threat landscape and the way we work now."