The application of artificial intelligence (AI) is becoming increasingly important in cybersecurity, offering a host of advanced capabilities critical to modern digital business models. While it may be tempting to deploy AI without a targeted strategy, responsible leaders should carefully consider how AI can be effectively integrated without compromising overall performance.
According to Statista, the most common security applications of AI focus on protecting networks, endpoints, and data. Over 75 percent of IT leaders surveyed in 2019 cited network security as their top challenge, followed by 71 percent for data security and 68 percent for endpoint protection.
AI offers powerful tools to address these areas, particularly the ability to analyze large amounts of data and identify patterns that indicate potential or actual security breaches. Furthermore, AI is being used in areas such as identity and access management and is increasingly protecting resources deployed outside traditional firewalls, for example, in the cloud and the Internet of Things (IoT).
Not all AI is the same
However, it’s important to distinguish between the different types of artificial intelligence, as each brings specific capabilities to enhance cybersecurity. Machine learning (ML) has proven particularly effective in threat detection, attack mitigation, and mobile device security. According to Chandni Naidu of Fintech News, ML can adapt to changing conditions without human intervention.
As data environments become increasingly complex, machine learning can take over routine tasks, freeing human experts to focus on more strategic aspects. This is particularly effective in mitigating DDoS attacks, where systems are overwhelmed by requests from thousands of computers. For example, Amazon experienced a DDoS attack in February 2020 with a bandwidth of 2.3 terabits per second. The largest attack recorded to date was GitHub in 2018, with over 1.35 terabits per second for 18 minutes.
AI also plays a critical role in cybersecurity software development. Within the new DevOps model, AI can assess vulnerabilities and update code at a rapid pace, allowing organizations to quickly deploy new layers of protection and patches to address emerging threats.
Effectiveness of AI-driven antivirus solutions
Traditional antivirus solutions require regular updates to counter new viruses. New threats often emerge before patches are available. With AI-powered solutions, however, anomaly detection can monitor systematic behavioral changes, even if the malware doesn’t display the typical digital signatures of previous attacks. However, this can be frustrating for the average user, as legitimate applications are sometimes identified as anomalies, requiring user intervention.
Another area where AI helps users is secure email communication. AI-based email systems now exist that assist with message creation to ensure emails are sent to the correct recipients. These systems prevent confidential files from being sent to external recipients and offer advice on proper classification and encryption.
AI vs. AI
One of the most effective applications of AI is its use against AI-enabled attacks. AI-driven bots scan networks for vulnerabilities and account for a large portion of internet traffic. According to Mark Greenwood of Netacea, these bots can cause everything from account theft to the disruption of critical data transmissions. Therefore, multi-factor authentication is essential.
“Organizations can’t counter automated threats with human responses alone,” says Greenwood. “They need to leverage AI and machine learning if they’re serious about addressing the bot problem.” To distinguish between good bots, bad bots, and humans, AI is needed to develop a comprehensive understanding of website traffic.
Conclusion
Despite advances in cybersecurity, “white hats” continue to face the challenge of tracking and holding accountable the activities of “black hats.” While AI acts as both a tool and a potential hindrance, its influence on data and infrastructure security will remain critical. The battle between good and evil will continue into the future, with AI playing a central role in this ongoing cyberwar.
