Increased budgets and team sizes within security departments are giving IT pros a boost despite the prevailing economic challenges in 2023, according to a global survey of 950 IT and security decision-makers.

The Axonius survey also sheds light on the evolving landscape of IT security resource management, highlighting the critical role of optimization strategies and the adoption of cutting-edge technologies in meeting the challenges of cybersecurity in today’s dynamic environment.

The study revealed nearly three-quarters (74%) of IT and security decision-makers disclosed a boost in their organization’s IT or security budget compared to the previous year, and 63% reported an upsurge in team headcount.

Conversely, those encountering budget or team size reductions reported serious consequences, including a 51% spike in security risks and a 49% surge in attacks or vulnerabilities.

The study points to artificial intelligence (AI) as a source of optimization, with 76% of respondents noting increased spending on AI/ML compared to the previous year.

In addition, 85% expressed interest in deploying AI within their organization’s IT and security operations, aiming to match the demands of the cybersecurity workload.

Nearly four in 10 (39%) decision-makers from entities that downsized IT or security teams said they adopted AI-based tools to streamline tasks, compensating for reduced headcounts.

However, the report raised concerns among 72% of decision-makers about the potential adverse impacts of generative AI, such as ChatGPT, on their organization’s cybersecurity.

While recognizing AI’s potential, the report acknowledges its limitations, especially in scenarios like the creation of convincing phishing emails.

Axonius senior director of security Daniel Trauner said for many organizations, an increased budget often means the potential to add new security solutions into their environment.

“However, more tooling does not automatically translate to reduced risk,” he said. “Keeping a system’s attack surface small, and therefore easy to understand and manage, is one of the best ways that organizations can avoid new vulnerabilities.”

He added that the most popular new AI tools, such as advanced large language models (LLMs), have been particularly effective at various natural language tasks like document retrieval and summarization.

“However, security leaders should consider carefully evaluating more complex use cases before trusting decision-based tasks to the output of LLMs,” he cautioned. “For now, they’re better used to enhance the capabilities of human operators rather than acting as unsupervised agents.”

Joseph Carson, chief security scientist and advisory CISO at Delinea, said the positive news from the Axonius report is that with both budget and headcount increases, the expectation is that these will result in improved security and reduced cybersecurity risks for the organizations that have prioritized investments in IT and security.

“Getting the balance right is always going to be the challenge and this means prioritizing where the business is also making its investments should also be where IT and security should be aligned,” he said.

Carson pointed to the findings that indicate a significant proportion of IT and security decision-makers reported no burnout or reduced burnout levels.

“This is a surprise, though, when considering that ransomware has somewhat stagnated this past year, and could have an impact on reduced burnout,” he said. “When the business is investing in IT and security, this can also have a positive outlook on the future and can have a direct impact on the burnout as well.”

In reference to the use of AI, Mika Aalto, co-founder and CEO at Hoxhunt, called the technology “a force multiplier, not a magic bullet.”

“AI can save more time in an integrated system to amplify your detection and response capabilities,” he said. “You can automatically scan for vulnerabilities in your system and your code while monitoring abnormalities in your data and information flows.”

From his perspective, the best thing IT security leaders can do is have as many automated functions performed and integrated on the same platform as possible.