Bugcrowd: 91% of security leaders believe AI set to outpace security teams

June 27, 2024
Over 90% believe that AI already performs better than security professionals, or at least will in the near future.

Bugcrowd released its "Inside the Mind of a CISO" report, which surveyed hundreds of security leaders around the globe to uncover their perception on AI threats, their top priorities and evolving roles, and common myths directed towards the CISO.

Money & Hiring

Among the findings, 1 in 3 respondents (33%) believed that at least half of companies are willing to sacrifice their customers' long-term privacy or security to save money. This is explained in part by the fact that 40% believed that less than 1 in 3 companies truly understood their risk of being breached.

Speaking of money, nearly 9 in 10 (87%) reported that they were currently hiring security staff and 56% stated that their security team was currently understaffed. And despite some common misconceptions around not needing a college degree, respondents reported that only 6% of cybersecurity leaders don't have a college degree and over 80% have a degree specifically in cybersecurity.


Despite plans to hire, 70% reported that they planned to reduce the security team headcount within the next 5 years due to the adoption of AI technologies. Over 90% believe that AI already performs better than security professionals, or at least will in the near future. AI isn't only seen as a benefit however, over half (58%) believe that the risks of AI are worse than its potential benefits.

CISO Perspectives on Ethical Hacking

Due to concerns around the malicious use of AI by attackers, 70% of security leaders turned towards using crowdsourced security for testing their AI defenses. In fact, more than 7 in 10 (73%) of security leaders view ethical hacking in a favorable light and 75% of them actually have experience with it themselves. With modern day threats being more evasive and adaptive than they've ever been – 89% believe there are more threats and they are more serious – it's imperative that crowdsourced security be the center of an organization's cybersecurity strategy.

"The CISO role is evolving. Given the current risk landscape and the need to prioritize security over resilience, the CISO has more responsibility than ever before," Nick McKenzie, CISO at Bugcrowd. "Bridging the gap between CISOs and the collective ingenuity of hackers is key to shielding organizations from the increasing onslaught of AI threats and attacks."

As the cybersecurity landscape continues to evolve, professionals and organizations must remain ready to adapt to the latest trends and emerging technologies such as AI and the implementation of crowdsourced cybersecurity. The Bugcrowd Platform connects organizations with trusted hackers to proactively defend their assets against sophisticated threat actors. In this way, CISOs can unleash the collective ingenuity of the hacking community to better uncover and mitigate risks across applications, systems, and infrastructure.

Access the full report

This report analyzed 209 survey responses from security leaders across the globe, including North America, South America, Europe, Asia, Australia, and Africa – all fully employed at organizations of varying sizes. It defines "security leaders" as anyone with one of the following titles—CISO, CIO, CTO, Head of Security, or VP of Security.

The full report dissects the top priorities of CISOs, addresses the most common misconceptions, uncovers their perceptions on the threat landscape and provides a closer look at what an "Offensive Security CISO" looks like and how hackers and security leaders can join forces. To access all the rich insights and data excavated from the team, click the link here.

To download a copy of the Inside the Platform: Bugcrowd's Vulnerability Trends Report, which shows the types of vulnerability submissions that are on the rise today according to global hackers, click here.

To learn more about how the Bugcrowd Platform can help CISOs protect their organizations from cyber risk, visit the link here.