The Benefits and Dangers of AI in Cybersecurity
The benefits of AI go both ways: the good guys need to be more vigilant than the bad guys
Key Points
- While the hope of AI as a cybersecurity solution is understandable, simply deploying an AI solution will not provide set-it-and-forget-it security.
- AI provides many benefits for organizations and their security teams, but it also provides great benefits for the bad actors who are using AI to attack those very same organizations.
- Security professionals need to drown out the noise and find the real solutions that work best for their organization.
With attacks growing in speed, scale, and complexity every single day, there’s a myth emerging that AI is the end-all be-all for keeping communications, people, and data secure. The hope that people have for AI is understandable — it represents a lifeline for IT and security teams that face limited resources, increasing complexity, and growing risk. But the actual truth is more subtle. There’s no question that AI is essential to a modern cyber defense strategy, but like every new security innovation, it is just a tool.
Benefits
Despite the complex algorithms under the hood, the benefits of AI are straightforward and easy to articulate. AI:
- Processes vast amounts of data — much more than humans can.
- Processes information far faster than any human.
- Makes “smarter” decisions over time because it learns with help from data scientists to monitor and retrain the models as needed.
- Can simplify and/or automate some tasks.
Applied to cybersecurity, where a few extra minutes of response time can mean the difference between a blocked attack and disastrous breach, those benefits can create tremendous value.
The Impact of Generative AI
Generative AI is not a new topic, but the introduction of ChatGPT in late 2022 unquestionably changed the conversation forever. With broad-based access to such a powerful tool available to anyone, experimentation exploded, as did the fears of what generative AI might ultimately be able to do in the wrong hands. And while ChatGPT has safeguards built in, there are already variants for sale on the dark web that are designed specifically to support malicious purposes.
One of the primary use cases for bad actors is using generative AI to create more realistic phishing emails and to do so at scale – no more spelling or grammatical errors, no more typos and tell-tale stilted language, and support for multiple languages to attack regions not previously accessible to cybercriminals who do not speak their target’s local language.
While little is yet known about how broadly generative AI is being used to create phishing emails and whether humans or AI can consistently detect AI-generated emails, it’s clear that the number of phishing attacks continues to grow with 98% being delivered through email.
AI Cybersecurity Applications
So, how can organizations use AI to combat the use of AI by cybercriminals? Cybersecurity has always been about making high-stakes choices such as what should be let through, what should be blocked, and what risks should be taken. The use of AI by both sides in this fight doesn’t change these questions, but when used wisely, AI can help answer them.
Organizations need to seek out vendors that have a history of being at the forefront when it comes to new technologies and strategies for defending against relentless adversaries like cybercriminals. A top vendor’s solutions will layer AI into its solutions, wherever the technology is the right choice to maximize customer defenses, neutralize more threats, and take pressure off security teams.
The right vendor will level with you and tell you that AI is not a panacea, but just one important part of what needs to be a diverse and well-rounded cybersecurity strategy. That vendor’s detection stack should apply the right inspections at the right time, with AI algorithms working alongside proven technologies that have been continuously improved over the course of a long history.
The right vendor should work with customers to combine dozens of different approaches, augmented by AI, to yield industry-leading security efficacy.
AI and machine learning techniques are not magic. Ultimately, they are tools to help solve problems. The key to their safe and effective use in cybersecurity is the correct application informed by knowledgeable individuals and good quality data.
Large language models and natural language processing techniques have evolved, and this has supported the creation of more sophisticated attacks by cybercriminals. The right vendor knows how to use its AI-supported solutions to effectively counter and stay ahead of threat actors who would misuse AI technology.
Some of the features security professionals should insist on from their cybersecurity vendor are:
- Malicious URL detection.
- Defense against business email compromise.
- Outbound email and sensitive data security.
- Stopping malicious emails disguised as legitimate messages from credible sources.
- Categorizing and triaging suspicious emails and websites.
- Identifying “not safe for work” images.
- QR code detection.
- Malware and zero-day protection.
The Bottom Line
As AI continues to increase in practical and effective use in cybersecurity tools, unfortunately, the hype surrounding it will also increase. Security professionals need to learn the best ways to drown out the noise and find the real solutions that work best for their organization. Mimecast can help; learn more about The Promise and Truth of the AI Security Revolution and be sure to visit our Resources page for more information.
Subscribe to Cyber Resilience Insights for more articles like these
Get all the latest news and cybersecurity industry analysis delivered right to your inbox
Sign up successful
Thank you for signing up to receive updates from our blog
We will be in touch!