What do the terms artificial intelligence and machine learning mean to you? If what comes to mind initially involves robot butlers or rogue computer programs, you’re not alone. Even IT pros at large enterprise organizations can’t escape pop culture visions fed by films and TV.

But today, as cyberattacks against businesses and individuals continue to proliferate, technologies like AI and ML that can drastically improve threat detection, protection and prevention are critical. This is even more true as workforces continue to operate remotely in such numbers.

That’s why, for a few years now, we’ve been conducting surveys of IT professionals to determine their familiarity with, and attitudes toward, artificial intelligence (AI) and machine learning (ML). For the purposes of this report, we surveyed IT decision-makers at enterprises (1000+ employees), small and medium-sized businesses (<250 employees), and consumers (home users) throughout the U.S., U.K., Japan, and Australia/New Zealand. 

As a result, we learn about:

• Baseline cyber hygiene, including what cybersecurity tools are in use and how they’re used
• General experience with data breaches and attitudes toward the safety of their data
• How many organizations use cybersecurity tools with AI components
• Whether IT admins feel that AI actively contributes to the safety of their organizations or is marketing fluff

We titled this year’s survey Fact or Fiction: Perceptions and Misconceptions of AI and Machine Learning and expanded it to include professionals in the enterprise, mid-market organizations and private individuals. It’s one of the largest and most thorough reports on the topic we’ve put together to date and is packed with interesting findings.

Historically, we’ve seen significant confusion surrounding AI and ML. IT professionals are generally aware that they’re in-use, but struggle to voice how they’re helpful or what it is exactly that they do. In Australia, for instance, while the bulk of IT decision makers employ AI/ML-enabled solutions, barely over half (51%) are comfortable describing what they do.

Nevertheless, adoption of AI/ML-enabled technologies continues to rise. Today, more than 93% of enterprise-level businesses report using them. Overall, slightly less than half (47%) call increasing adoption of AI/ML their number one priority for addressing cybersecurity concerns in the coming year.

Here are a few other key takeaways regarding enterprise attitudes toward AI/ML:

• Understanding is growing – But more education is still required, so vendors must focus on benefits of AI/ML in terms of the bottom line and an enhanced security posture.
• AI/ML are key to repelling modern threats – Especially for remote workforces, advanced technologies are emerging as a key component for ensuring uptime and availability for clients.
• AI/ML can differentiate a business – Buyers are looking to invest in their tech stacks to stay out of the headlines for suffering a breach. As understanding of AI/ML grows, more are looking for these capabilities in their cyber defenses.

For the mid-market and individuals, another theme has persisted through our studies: overconfidence.

Among IT professionals at businesses with fewer than 250 employees, almost three-quarters (74%) of respondents believe their organizations are safe from most cyberattacks. But 48% have also admitted to falling victim to a data breach at least once. Interestingly, despite their confidence in their cybersecurity, the same respondents also believe their security situation has been worse by COVID-19.

Other notable findings among small and mid-sized businesses include:

• They’re beginning to recognize they’re targets – SMBs are catching onto the fact that cybercriminals pick off weak targets and realizing this fact’s implications for their supply chains.
• Limited IT budgets must be spent wisely – Without the resources to hire full-time IT staff, it becomes critical that a security stack defends against all the most common forms of attack (and their consequences).
• User education is key – If a business can’t spring for top-of-the-line cybersecurity solutions, educating users on how to keep from enabling breaches can go a long way towards building a strong defense with relatively little investment.

Consumers continue to report abysmal habits in their personal online lives. Less than half use an antivirus or other security tool. Only 16% report using a VPN when connecting in public spaces and 48% have had data stolen at least once. On the brighter side, constant headlines concerning corporations leaking consumer data have made consumers wary about who they give their data to and how much. This healthy skepticism is a good sign as the next large data breach is likely just around the corner.

Some valuable learning from the consumer sector, and how it bleeds over into the corporate sector, include:

• Business breaches affect consumers’ data – And they know it. Consumers are wary of providing too much sensitive data to companies after being barraged by news of high-profile hacks and data breaches.
• Consumers ARE NOT taking proper precautions – Fewer than half of home users have antivirus, backup or other cybersecurity measures in place. In all, 11% take no precautions online. This finding is especially relevant if remote workers are using personal devices for business.
• Unsurprisingly, AI/ML knowledge is lacking – When paid IT professionals don’t understand the technology, it may not be practical to expect the average consumer to be. But consumers should do their research on the tech powering their protection before committing to a VPN, antivirus or backup solution.

For the report’s complete findings, including a breakdown of cybersecurity spending by business size, download the full report.