Artificial intelligence has long dominated conversations in business and consumer technology, as well as in mainstream media, but the trend saw a major uptick with the release of Open AI’s ChatGPT. As AI is becoming much more accessible, easier to use, and more refined, it is quickly being integrated into everyday life, bringing with it almost as many serious risks as it has advantages. Indeed, AI is a double-edged sword from many points of view, and cybersecurity is no exception.
AI: The good, the bad, and the ugly
The bright side is that AI capabilities are helping security professionals expedite multiple workstreams, such as threat detection and security event processing. As a result, they are enhancing efficiency and liberating some of these professionals’ time so they can dedicate their efforts to more labour-intensive aspects of their role, which require creative, critical, human thinking.
However, the increasing requirement for AI in a cyber professional’s skillset is putting more pressure on both organisations and individuals, while greatly widening the already substantial cyber skills gap. In other words, AI is exposing the unrealistic expectations many businesses have. Recruiters often ask that candidates be familiar with standard sets of cybersecurity tools, but also know the latest threat landscape inside and out. On top of that, they are sometimes requiring several years of experience working with ChatGPT – even though the tool has only been around since November of last year!
We must also remember that the same AI tools that security professionals use are also readily available for bad actors. Always on the lookout for more evasive, more resilient tactics, cybercriminals rely on AI to elude detection and escape security systems. The use of generative AI for phishing purposes is an important, and alarming, example. Using AI, cybercriminals can more easily map and exploit the vulnerabilities of an organisation’s infrastructure, and gain access to sensitive data or otherwise endanger the business. This is an endless game of cat and mouse which is set to get even rougher as time goes on, and as AI develops further.
You must fight AI with AI
We have now seen that AI is changing the cyber landscape in many different and radical ways. It is also developing much faster than any other tech trend. ChatGPT took only an amazing five days to reach the landmark of one million users. By way of comparison, Facebook needed ten months, and Twitter two years, to achieve the same feat.
The only way to keep up with the speed at which this particular technology bandwagon is moving is to jump on it. You simply cannot throw anything else at the problem but AI itself. There are now increasingly sophisticated threats, powered by AI, which are getting extremely difficult to filter out without it. The level of critical thinking and complex decision-making behind these evolving tactics is getting higher and higher. Organisations which aren’t prepared to fight fire with fire are going to be increasingly vulnerable to a wide range of attacks.
The bottom line
As it represents both significant development opportunities as well as risk factors, AI simply cannot be ignored. If businesses want to thrive, or even just survive, in the current technological climate, they need to be able to adapt AI in a way that is as speedy as it is comprehensive.
Some fears regarding AI, while understandable, are often ungrounded. It is highly unlikely that such a technology could ever fully replace humans, especially considering their generative and predictive nature, which still requires substantial human input. However, the way this technology is growing, it is far more likely to pose the threat of rendering non-AI-savvy businesses obsolete.
Humans will always have a place in the cyber sector, and they will not be completely replaced by AI. However, they might be replaced by people who can handle AI better. This is a game of the best AI and the most knowledgeable AI experts, and the sooner your business understands that, the better.