By Aaron Bugal Field CTO APJ Sophos
The rise of artificial intelligence, undoubtedly one of the most influential technology in recent decades, has elicited a variety of reactions from individuals and organisations. As we explore its potential, concern grows as it threatens to take jobs and global discussions are taking place on how it should regulated. Artificial intelligence is a double-edged blade for cybersecurity professionals.
While AI has the potential to enhance cybersecurity solutions through its pattern recognition, summarisation and assistance capabilities it also opens up the door for threats actors to harness this technology in more sinister ways. What impact will AI have in a world in which we are constantly racing to out-innovate the cybercriminals? Especially as it continues to develop itself?
New technology means new threats
The cybercriminals have shown that they are not to be underestimated. AI is only strengthening their arsenal as they are constantly updating their strategies, tactics, and tools in order to breach businesses. AI is commonly used to help threat agents better imitate real humans – changing voices, images, and messages to carry convincing phishing campaigns.
Cybercriminals are now experimenting with AI on a technical level, beyond mimicking human behavior. Cybercriminals have advertised malicious GPTs with functions like automated penetration testing and malicious malware development. There are still some similarities between the legal industry and business. Cybercriminals are reluctant to implement the technology in their operationsas they are primarily exploring generative AI for experimentation and proofs-of-concepts.
This doesn’t mean that organisations should slow down as artificial intelligence will become a regular part of cyberattacks. Businesses should instead evaluate if they’re using the technology in an optimal and secure way within their cybersecurity setup.
AI is not about being the first, but smart
Businesses are looking at how AI can be utilized. According to Sophos, 98 percent of organisations use it in their cybersecurity infrastructure. In addition, 65 percent of organisations use cybersecurity tools that have generative AI capabilities. And 73 percent use solutions with deep learning models.
While AI adoption can bring many benefits to cybersecurity, it can also introduce a number of risk if approached incorrectly. Inadvertently, poorly implemented AI models can introduce significant cybersecurity risks. If it is not provided with the correct inputs, then it cannot produce adequate results. The vast majority of cybersecurity professionals (89%) are concerned that potential flaws with cybersecurity tools’ generative capabilities could harm their organization. 43 percent are extremely concerned.
This level of alertness should also be maintained for AI implemented in non-cybersecurity tools, since emerging technologies are a threat in their infancy. Agentic AI, for example, has been a hot topic in recent years. But will a technology which learns from humans adequately defend itself against cyber threats? AI should be used to serve a specific purpose. Expecting an AI agent or system to do everything without human intervention is risky.
The artificial intelligence advancements of an organisation – within its cybersecurity infrastructure and technology stack – must be done with guardrails in place and thorough oversight.
Fighting with fire without getting burned
As the race against cybercriminals continues, artificial intelligence is only going to become a multiplier for innovation on both sides. When implemented with care, businesses can avoid the risks associated with AI in cybersecurity systems. Asking vendors about their AI capabilities can help you get a better picture of AI development practices.
Artificial Intelligence will be a mainstay in organisations for many years. It is no different in cybersecurity. However, with such high stakes, it is crucial that AI be used correctly. Otherwise, it will only work to its intended purpose, giving cybercriminals an advantage over organisations in this ongoing war. It’s not about adding a wide range of AI capabilities in order to expand your cybersecurity infrastructure. Instead, it’s about choosing the right capabilities for your cybersecurity needs.
