Exploring the Intersection of AI and Cyber Security: Opportunities and Challenges
Its a brave new world for AI and Cybersecurity professionals
AI seems to be here, there and everywhere in 2023. A quick glance at my Medium and Twitter feed shows every other topic to be about how ChatGPT or some other AI tool is going to change the world and so on.
It is necessary to separate the hype from the reality though and one area that AI is definitely going to have a huge impact is Cybersecurity
Despite being separate fields, AI and Cybersecurity are becoming increasingly intertwined and I thought it would be a good idea to go over some of the key opportunities and challenges that are now present in this new and every changing landscape.
Opportunities as AI and Cyber Security intersect
1 — Enhanced Threat Detection and Response
This is nothing new honestly as Cybersecurity products boasting the “powered by AI” label have been around for years
I had been initially skeptical given how many products I know had barely any machine learning capabilities but just over eager vendors pushing the new buzzword but recent years have shown a huge leap forward
AI is now an integral part of cloud security technologies, SOAR solutions and threat intelligence tooling.
It has truly come into its own and any cybersecurity product serious about threat intelligence needs to have an AI engine driving analysis and learning the network on which it is present
2 — Automation of NON-routine Tasks
Thats right .. I said automating non-routine tasks in cybersecurity
Any solution can automate routine or repetitive tasks but when it comes to tasks involving analysis and report writing, AI can truly change the game in cybersecurity
Any CISO knows the pain of writing root cause analysis reports after a cybersecurity incident or creating a presentation at midnight because the CEO wants to have an overview of the last security alert
It is very possible that the new wave of security powered tools will do all that for you !
Recent developments like Microsoft Security Copilot are a true game changer allowing complex analysis to be done using natural language along with reporting and root cause analysis
At this point .. you might be wondering if your job as a cybersecurity professional has a limited lifespan ?? well YES and NO
If you are job is repetitive and monotonous in nature i.e. downloading security reports, running scans, responding to emails .. you need to upskill NOW before you get replaced
However as I have said before, AI will never replace certain human skills like strategic thinking, leadership or empathy. No AI is going to calm down the team after a successful ransomware incident and take them to dinner afterwards
3 — New AI specific cybersecurity roles
The unique nature of AI will require new cybersecurity roles to be created. Some of them would be:
AI Governance and policy experts
AI application security experts
AI specific penetration testers
Natural language processing security analysts
AI Data Security auditors
I will write about this in more detail in the future but the future is bright for this particular niche
Challenges as AI and Cyber Security intersect
1 — Malicious Use of AI
The elephant in the cybersecurity room is of course the malicious use of AI which is a topic I have been shouting about for many years now.
AI has the potential to introduce new types of risks which simply were not present before. Take the example of Deepfake scams which were serious enough for the FBI to issue an advisory:
Or these can be new types of application security flaws which will be a blind spot for cybersecurity teams if they have not up-skilled themselves.
Think of the damage done by SQL injection attacks when application security was not taken seriously a few decades back and you have an idea of what I am talking about
2 — Ethical and Privacy Concerns
AI is still very much the wild wild west and an unregulated space which brings forward a lot of ethical and privacy concerns.
AI needs data and LOTs of it .. how much visibility do cybersecurity teams have on what is going into the machine learning training datasets ?
How capable is the cybersecurity team of detecting biases within a machine learning algorithm ?
There are upcoming regulations which are aiming to bring some control to AI based systems but we are a long way from striking that balance of knowing what is allowed and what is not
3 — Over-reliance on AI in cybersecurity
The last challenge comes from the very nature of AI as companies jump onto the bandwagon without understanding the technology or the long term repercussions
CISOs might be eager to offload as much work as possible onto an AI powered product without assessing its error or false positive rate or even how much of it can be manipulated by cyber criminals
AI is not infallible by any means with many documented attacks present in which systems were duped into giving incorrect results
The best combination would be a mixture of properly trained cybersecurity teams and properly tested AI products ensure CISOs that they are getting the best of both worlds.
I hope you enjoyed reading this. If you find this topic interesting, check out my book on A.I. governance and Cybersecurity, which goes over new types of AI risks and how to mitigate them.