6 June 2024 - Artificial Intelligence (AI) has ushered in both promise and peril for organisations needing to combat cyber threat actors. As ESET Southern Africa Chief Technology Officer, Adrian Stanford, notes, “AI is reshaping the battlefield between cyber attackers and defenders, offering new tools to both sides.”
The double-edged generative AI (gen AI) sword can be used by malicious actors to craft sophisticated phishing emails, spam, and disinformation campaigns, amplifying the scale and effectiveness of cyberattacks. However, defenders can also harness AI for threat intelligence research, improved threat detection capabilities, and streamlined incident response. It's a battle of wits and algorithms, where innovation is the currency.
AI Cybersecurity is surging
According to the World Economic Forum’s (WEF) Global Cybersecurity Outlook 2024, “Emerging technology (like AI) will exacerbate long-standing challenges related to cyber resilience.” It therefore comes as no surprise when Help Net Security reports that:
- 55% of organisations plan to adopt GenAI solutions within this year, signalling a substantial surge in GenAI integration.
- 48% of professionals expressed confidence in their organisation’s ability to execute a strategy for leveraging AI in security.
Contrary to fears about AI taking people’s jobs, Help Net Security reports that only 12% of security professionals believe AI will completely replace their role. Looking after your cybersecurity employees remains a crucial component of AI-related security strategy.
Ease the load by augmenting human cybersecurity capabilities
In an industry fraught with constant pressure and hypervigilance, the ability to augment human capabilities contributes significantly to the mental well-being of cybersecurity professionals, improving employee experience and key skill retention. According to Stanford, “The deluge of cybersecurity data and alerts poses a significant challenge, often overwhelming analysts and impeding their ability to prioritise and react effectively. Herein lies the transformative power of AI-driven automation.”
Stanford believes that harnessing AI to digest vast amounts of data and distil actionable insights, cybersecurity professionals can focus their attention on the most critical and genuine threats, mitigating the risk of burnout and cognitive overload. In essence, AI empowers defenders to automatically and proactively identify and mitigate threats in real time, safeguarding digital assets with unparalleled safety, convenience and precision.
Specific use cases include:
- Accelerating threat research - AI helps cybersecurity specialists discover and analyse new threats more rapidly. That’s key, in an industry where safety means staying one step ahead of evolving threats.
- Machine learning algorithms - play a pivotal role in behavioural and malicious code analysis, offering insights into the modus operandi of cybercriminals.
Large language models - serve as invaluable tools to interpret and explain threat intelligence, facilitating case summarisation, and automating incident creation.
It's imperative to recognise that AI should complement, not replace, human expertise. “Human oversight remains indispensable in guiding and refining AI-driven cybersecurity solutions for the foreseeable future, ensuring ethical and effective implementation in the cybersecurity domain,” says Stanford.
Bridging the Talent Gap
In an industry segment where there simply aren’t enough skills, hiring more people cannot be a sustainable solution. That’s why AI emerges as a formidable ally in bridging the cybersecurity talent gap in three ways:
- AI can be an excellent, personalised training tool. AI equips junior security professionals with the skills and expertise necessary to navigate the complexities of cyberspace effectively.
- Secondly, AI-powered tools can augment the capabilities of junior security professionals as described above, making them more effective.
- Thirdly, with the automation of certain aspects of threat hunting, advanced security professionals can focus their finite resources on more advanced tasks.Given that AI transforms the cybersecurity landscape with potential for both defenders and attackers, the human element remains vital. The synergy between AI and human intelligence remains essential to maintain robust cybersecurity defences.
Given that AI transforms the cybersecurity landscape with potential for both defenders and attackers, the human element remains vital. The synergy between AI and human intelligence remains essential to maintain robust cybersecurity defences.