Viral Wire

SANS AI Survey: Skeptical Humans Beat AI at Defending Against AI Attacks

78% use AI in security, but 63% see critical flaws—humans still the best defense.

Deep Dive

The 2026 SANS AI Survey, covering 536 IT and security professionals, reveals a sharp divide: 78% now actively use generative AI in their daily cybersecurity work (up from 50% a year earlier), but reliability hasn't kept pace. A full 63% report significant shortcomings when AI detects or responds to threats—far higher than last year. The failures cluster around false positives, an inability to spot novel threats, and confident output that turns out wrong. Two-thirds of practitioners have been misdirected by AI at least once in the past year, with 9% experiencing it more than twenty times. Trust is task-dependent: practitioners are comfortable letting AI classify threats or prioritize vulnerabilities, but far less comfortable letting it confirm a true positive or judge behavioral anomalies.

SANS instructor Matt Bromiley likens AI to a digital intern: “measure twice, cut once.” He stresses that calibration—knowing how much doubt a given output has earned—can't be lectured into someone; it must be trained through repetition in a safe environment. The adversary is already exploiting this gap. Bromiley describes an incident where attacker speed compressed the typical recon-to-lateral-movement window from hours to minutes, thanks in part to AI-generated scripts with clean structure and fast iteration. The survey shows 78% of organizations report AI-enabled attacks (45% confirmed, 33% suspected). Defenders rank behavioral detection, user awareness training, human analyst review, and zero trust as most effective—while AI-specific controls rank last. The takeaway: skeptical human judgment remains the best defense.

Key Points
  • 78% of cybersecurity practitioners now use generative AI daily, but 63% report significant reliability issues like false positives and missed novel threats.
  • Two-thirds of practitioners were misled by AI at least once in the past year; 9% experienced more than 20 failures.
  • Behavioral detection, human review, and zero trust rank as the top defenses against AI-enabled attacks, while AI-specific controls rank last.

Why It Matters

As AI adoption in security skyrockets, over-reliance on flawed tools creates dangerous blind spots—human skepticism is the critical safety net.

📬 Get the top 10 AI stories daily