How to harness AI to advance cybersecurity

Organisations are currently locked in a high-stakes chess match against cybercriminals who are using artificial intelligence (AI). While AI offers immense potential to drive innovation and efficiency across industries, it introduces a new breed of cyberthreat to combat. IT practitioners report that cybercriminals are increasingly using AI and GenAI to launch sophisticated attacks at unprecedented speed and scale. Security leaders must work hard to stay ahead of adversaries.

GenAI-enabled attacks present unique challenges for organisations including more sophisticated automated phishing campaigns and better mimicry of human behaviour. Then there’s highly convincing social engineering schemes like deepfakes to imitate friends, family or colleagues. On a software level, we’re also seeing autonomous malware that adapts and evolves to evade detection.

How should your business respond?

Strengthening security hygiene for AI adoption

While there’s no ‘silver bullet’, you need to start with good security hygiene, especially as organisations accelerate AI adoption.

It starts with ensuring the environment and IT estate are secure by design from product development through to deployment. Embedding security features such as multifactor authentication and role-based access controls add another layer to minimise vulnerabilities, as well as ensuring continuous monitoring to detect and respond to an attack.

Logging and monitoring tools are also key. Security professionals rely on the data from these tools to help identify behavioural outliers that could pose a risk to the organisation.

In the event of a security incident, having a recovery plan in place is vital to restoring operations securely and efficiently, reducing disruption.

Organisations are also increasingly adopting zero trust architectures to fortify their environments. This approach operates on the principle that no entity within or outside the network is trusted by default, and verification is required to access resources on the network. Implementing zero trust effectively reduces the risk of cyber attacks by allowing only verified and necessary activity.

Implementing AI also requires a strong control over the enterprise data, especially for AI systems leveraging public cloud. Strong data security and governance is a prerequisite for an AI security strategy.

The sovereign AI question

The evolution of the cloud brought with it the data sovereignty conversation, as IT decision-makers walked a delicate line between the convenience and risks inherent in adoption. Similarly, AI brings with it benefits and risks, only this time they increased by an order of magnitude.

Reducing reliance on foreign technologies that are vulnerable to geopolitical disruption and ensuring AI is not only controlled and compliant, but fit for the local context, will be important cybersecurity considerations moving forwards. And with governments around the world implementing sovereign AI policies and guardrails, chances are that if businesses aren’t considering their strategic resilience now, they will be forced to, sooner rather than later.

The power of security enabled by AI

Once you have a strong security foundation and have considered your AI sovereignty, embrace the very technology that threat actors use against us: AI. Adopting security solutions enabled by AI can help organisations build cyber resilience and stay ahead of threat actors.

Security enabled by AI is effectively the implementation of AI-powered solutions that organisations can use proactively and reactively to identify and respond to threats. By equipping their security teams with tools that use machine learning, self-learning and adaptive defence capabilities, they can better detect and respond to threats. Leveraging these tools strengthens the overall security posture across the organisation.

In terms of proactive defence, AI can help continuously monitor network traffic, user behaviour and system logs to identify anomalies and suspicious patterns that may indicate malicious activity. This early detection and prevention capability is crucial for minimising potential damage from cyber attacks. It can learn and adapt when detecting new challenges, helping IT and security teams outmanoeuvre attackers who refine their tactics and exploit new vulnerabilities. It also means that businesses can create a bespoke security response that is effective against specific threats for their industry.

Unfortunately, attackers can still get past even the best-protected systems. In these cases, AI can also support recovery by automating incident response processes. Threat containment, data recovery and forensic analysis supported by AI can reduce the business impact of attacks and accelerate recovery.

The human element in security for AI

On top of building a strong security foundation, businesses must recognise that employees are their first line of defence. Every employee needs a basic understanding of how AI is making threats more sophisticated, how to spot them and what to do when something doesn’t seem right. This will become more important as attackers deploy advanced spoofing attacks created by deepfakes that add a convincing façade to criminals’ well-practised social engineering techniques. Security practitioners also require role-specific training in AI so they have the knowledge and skills to understand how bad actors might use the technology.

The cybersecurity landscape is in constant flux. Organisations that prioritise AI-enabled security and a culture of continuous learning are best positioned to navigate the evolving threat landscape. By embracing a proactive and adaptive approach to security, businesses can confidently embrace the transformative power of AI and build a more resilient and secure future.

Top image credit: iStock.com/BlackJack3D