5 Ways That AI Is Set To Transform Cybersecurity
AI represents a huge turning point for cybersecurity, and it’s important that everyone in the industry understands why and how.
Has it been more than a year already?
On Nov. 30, 2022, ChatGPT was released for public use, went massively viral, and ignited a frenzy in Silicon Valley and on Wall Street.
ChatGPT’s debut was an astounding moment for generative artificial intelligence as people discovered what the tool, able to take written prompts from users and return human-like responses, could do.
With ChatGPT, AI entered public consciousness as potentially one of the biggest technological advances ever, catalyzing new business models and reshaping various industries and business processes.
Cybersecurity is one of the industries being transformed by AI, though the technology represents a unique double-edged sword for the sector: Both attackers and defenders are using AI’s capabilities to augment their tactics.
As we pass the first anniversary of ChatGPT’s coming-out party, this seems a good time to dig deeper into specific ways AI is altering the cybersecurity landscape. AI represents a huge turning point for cybersecurity, and it’s important that everyone in the industry understands why and how.
Here are five things we’re seeing.
1. An AI “attack platform” is emerging.
The early use cases for AI in cybercrime are problematic enough -- for instance, more convincing phishing emails, voice recordings, image cloning, and deepfakes used for fraudulent activities. Hackers’ tactics have grown infinitely more sophisticated than Nigerian prince emails. And because AI-powered hacking tools can mimic human behavior and learn from previous attacks, they are far more difficult to detect and defend against.
But that threat pales in comparison to the growth of AI-powered hacking as a service, which is making it substantially easier to execute attacks. For example a ChatGPT-style tool called WormGPT, readily available on the dark web, can produce malicious software cybersecurity attack campaigns with far less resources and expertise than in the past.
The proliferation of such AI-powered hacking tools is creating a platform with all the basic building blocks for attacks on an unprecedented scale and lowering the barrier to entry for anyone who wants to set up a potentially lucrative cybercriminal business.
The rise of AI-powered hacking tools is making the future of cybersecurity increasingly challenging. As AI technology advances, bad actors will continue to develop more sophisticated attacks that can skirt traditional defenses.
2. The best offense is a good defense.
As AI assumes a larger role in cybercriminals’ arsenal, it’s critical that organizations fight fire with fire by incorporating AI technologies -- machine learning algorithms, natural language processing, and other AI-based tools -- into their cybersecurity strategies in conjunction with more traditional tools like anti-virus protection, intrusion detection, and identity management to identify and mitigate threats.
And here’s good news: In the AI arms race with attackers, defenders have an advantage. That’s because organizations have more data at their disposal -- about their computing environments, their security capabilities, known vulnerabilities, etc. -- than the bad guys do. With that leg up in available data, they can train AI models to provide faster and more accurate identification of potential threats.
However, organizations are blowing that advantage unless they proactively stay up to date with the latest AI developments and invest in the right systems -- those that can detect and prevent the malicious use of generative AI and analyze vast amounts of data to detect anomalies.
3. SOC automation will accelerate.
Humans will continue to work in SOCs, but AI-powered systems will take over more and more of the routine operations.
The modern SOC increasingly resembles a 21st century factory. It used to be that factories were filled with people on assembly lines; now, robots do much of the work and humans work side by side with them to handle more challenging tasks and ensure everything is running smoothly. A similar scenario is starting to play out in SOCs, and it will advance quickly in the coming years.
With attackers moving very quickly and at a never-before-seen scale, it’s a good thing to have machines monitoring and detecting suspicious activity in sprawling enterprises of servers, network devices, laptops, employee-owned phones and tablets, and Internet of Things devices. They can do it faster and better than humans can.
Another benefit: AI also could finally help alleviate the troubling and persistent cybersecurity talent shortage.
4. Generative AI will break down security silos.
Cybersecurity has long been notoriously siloed, with organizations installing many different tools and products, often poorly interconnected. No matter how hard vendors and organizations work to integrate tools, coalescing all relevant cybersecurity information into one place remains a big challenge.
But AI offers a way to combine multiple data sets from many disparate sources and provide a truly unified view of an organization’s security posture, with actionable insights.
And with generative AI, gaining those insights is so easy, a matter of simply asking the system questions such as “What are the top three things I could do today to reduce risk?” or “What would be the best way to respond to this incident report?”
AI has the potential to consolidate security feeds in a way the industry has never been able to quite figure out.
5. The way organizations store and consume data will change dramatically.
Generative AI will blow up the very nature of data infrastructure. Think about it: All the different tools that organizations use to store and manage data are built for humans. Essentially, they’re designed to segment information and put it in various electronic boxes for people to retrieve later. It’s a model based on how the human mind works.
But in the post-AI world, that construct will become obsolete. Data will not have to be consolidated and organized in the same way, since machines will do all the heavy lifting of collecting, retrieving, and contextualizing data.
In fact, data management will have a decidedly random feel -- which sounds shocking until you consider that Amazon essentially did the same when it embraced randomness in its massive warehouses. Items are placed wherever there is open space and computers track items based on factors such as the speed and frequency with which customers order those goods.
The same will happen with cybersecurity data. With AI, there simply will no longer be a reason to store and access data in the human-readable forms we’ve relied on forever. The impact on infrastructure will be profound, dwarfing previous transformations like cloud computing. This over time will transform cybersecurity entirely, as it will redefine the challenges we all face.
The hubbub since ChatGPT’s release last November has highlighted how fast the AI train is moving. My five points show what organizations stand to gain by getting on board.
With cybercrime costs worldwide projected to grow from $8.15 trillion this year, to $13.82 trillion by 2028 as hackers increasingly leverage AI, is there really any choice?
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022