12th Annual Survey cites among IT audit teams,
68% perceive high threat levels for cybersecurity over the next 12
months
MENLO
PARK, Calif., Oct. 8, 2024
/PRNewswire/ -- As the rapid adoption of artificial
intelligence (AI) transforms industries, organizations are becoming
increasingly aware of the elevated risks it brings—particularly in
the areas of cybersecurity and data privacy. The 12th Annual Global
Technology Audit Risks Survey by Protiviti and The Institute of
Internal Auditors (IIA) highlights how AI is reshaping the
perception of existing risks, with 59% of IT audit leaders
identifying AI as a significant threat over the next two to three
years. In the short term, cybersecurity remains the top concern,
but AI's integration is magnifying these risks and reshaping how
organizations approach them.
The 12th annual Global Technology Audit Risks Survey polled a
group of over 1,200 executives and professionals, including Chief
Audit Executives (CAEs) and information technology (IT) audit
leaders. The survey polled these respondents on the technology
risks their companies face over near-term (12 months) and, for
emerging technologies, the medium-term (two to three year) time
horizons.
AI taking key role in shaping technology auditing
practices
The integration of AI-based tools into technology auditing is on
the rise, with a majority of internal audit functions researching
how this technology can enhance their processes. AIs not only
offering a more comprehensive view of the risk landscape but is
also amplifying concerns about key threats such as cybersecurity
and data privacy. This growing reliance on AI is reshaping how
auditors perceive and address these risks, with AI-enabled audits
identifying higher levels of threats in these areas.
Moreover, AI-driven insights are helping organizations better
prepare for these threats yet concerns about AI's longer-term risks
continue to grow. In fact, 76% of organizations using AI tools
in technology audits perceive a high level of cybersecurity risk in
the next year as compared to only 65% who do not use AI tools.
Similarly, 71% using AI tools perceive a high level of data privacy
& compliance risk, as compared to only 58% of those who
don't.
Still, IT audit leaders have concerns when looking out longer
term. A majority – 59% –anticipate advanced AI systems (including
generative AI) will pose significant risks in the next two to three
years.
"I'm excited about the increasing adoption of AI in internal
audit, and making this a priority is essential for departments to
stay ahead of emerging risks and opportunities," said Angelo Poulikakos, global leader of the firm's
Technology Audit and Advisory practice. "Internal audit also has a
unique opportunity to guide the business in adopting AI responsibly
by advising on effective risk and control governance."
Cybersecurity remains top technology threat
Cybersecurity remains the top technology risk for the second
year in a row, with 68% of respondents identifying it as a
high-level threat. However, AI is compounding these concerns, with
AI-enabled organizations reporting an even higher perception of
cybersecurity risk. Among organizations using AI in audits, 76%
perceive significant cybersecurity threats, compared to 65% among
those not leveraging AI. This suggests that AI's growing role is
not only surfacing new vulnerabilities but also providing deeper
insights into existing risks, ultimately driving a heightened sense
of preparedness and urgency to mitigate them.
Data concerns prevalent
Data privacy and compliance is the second-largest perceived
technology risk over the next 12 months, with data governance and
integrity ranking as the third largest. Additionally, 52% of
auditors view data breaches and leaks of sensitive information as
posing the greatest cybersecurity-related threats. IT audit teams
are not alone in this rising concern as Protiviti's recent Global
Finance Trends Survey also found that 61% of CFOs and finance
leaders rate data security and privacy as a high priority in the
coming year.
Data privacy and compliance as well as regulatory compliance are
two technology risks that saw a year-over-year (YOY) increase in
perceived threat to organizations. Given the GDPR and the SEC's
cybersecurity rules that came into force in late 2023 for all
publicly listed US companies, it is not surprising that IT audit
leaders and CFOs alike would be concerned with increased levels of
preparedness to handle them.
"Cybersecurity continues to be viewed as the most significant
technology threat facing organizations," said Anthony Pugliese, CIA, CPA, CGMA, CITP,
President and CEO of The IIA. "As cybersecurity remains a top risk
and strategic priority for leadership, internal audit functions
will continue to play a key role to assist their organizations in
identifying and mitigating these threats."
Survey resources available
The research report from Protiviti and The IIA, "From AI to
Cyber – Deconstructing a Complex Technology Risk Landscape," is
available for complimentary download, along with an infographic
about the survey results, here.
About Protiviti
Protiviti (www.protiviti.com) is a global consulting firm that
delivers deep expertise, objective insights, a tailored approach
and unparalleled collaboration to help leaders confidently face the
future. Protiviti and its independent and locally owned member
firms provide clients with consulting and managed solutions in
finance, technology, operations, data, digital, legal, HR, risk and
internal audit through a network of more than 90 offices in over 25
countries.
Named to the Fortune 100 Best Companies to Work
For® list for the 10th consecutive year,
Protiviti has served more than 80 percent
of Fortune 100 and nearly 80 percent of Fortune
500 companies. The firm also works with government agencies and
smaller, growing companies, including those looking to go public.
Protiviti is a wholly owned subsidiary of Robert
Half (NYSE: RHI).
About the Institute of Internal Auditors
The Institute of Internal Auditors (IIA) is an international
professional association that serves more than 245,000 global
members and has awarded more than 200,000 Certified Internal
Auditor (CIA) certifications worldwide. Established in 1941, The
IIA is recognized throughout the world as the internal audit
profession's leader in standards, certifications, education,
research, and technical guidance. For more information, visit
theiia.org.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/ai-systems-elevate-cybersecurity-and-data-risks-protiviti-iia-survey-reveals-growing-technology-concerns-302269878.html
SOURCE Protiviti
