AI isn’t the cyber future - it’s the present

Padlock against circuit board/cybersecurity background
(Image credit: Future)

It’s easier to talk about the areas of life that AI won’t affect than where it will. Businesses are at the forefront of that adoption. But where businesses go, bad actors often follow - sometimes, they’re even ahead.

Whilst Gen AI is being used positively amongst businesses, speeding up admin tasks and acting as an assistant to many, it has already gotten into the ‘wrong hands’. More and more Gen AI offerings are available on the dark web to assist wanna-be hackers and bad actors in their endeavours. The commodification of AI can help cybercriminals make phishing attacks seem more personable and realistic, which can increase the likelihood of successful intrusions that could lead to ransomware attacks. Ransomware is one of the biggest threats to businesses today, putting businesses, reputations and careers at risk, and it is here to stay.

In the face of these evolving threats, the onus is on businesses to engage all its stakeholders including C-Suite and prioritize cyber resilience to ensure business continuity. It is not a case of if an attack happens, but when. Data is every organization's most important asset and if your data is secure, your business is resilient.

Richard Cassidy

EMEA CISO at Rubrik.

Fuel to fire

Typically, we associate AI with large language models such as OpenAI’s ChatGPT and Google’s Bard AI, and not with the potential cybercrime threats that tools like Worm GPT and FraudGPT can bring.

However, in the cybercrime field, we are all too aware of cyber criminals focusing on the biggest return and reward for the lowest investment of time and effort, and Generative AI can represent a perfect synergy in this respect in the cybercrime underworld.

AI can be used by adversaries to optimize and expand the reach of their threat campaigns far more efficiently than ever before, resulting in attacks that narrow the window for defenders to respond and mitigate.

Emotional strain

As AI technology advances, the sophistication of scams is following suit. In the future, AI threats could include autonomous systems capable of making decisions on how to modify their attack strategies in real time, with the ability to analyze attack campaign effectiveness. It could enable the use of data sets to constantly evolve and improve automatically, building an adeptness at bypassing traditional security measures - something that we’ve not seen in the history of cybersecurity.

For stretched CISOs and IT teams, however, AI can appear to be an additional strain on their workloads. This is as in the UK, 92% of senior IT and security leaders in the UK reported changes to their emotional and/or psychological state as a direct result of a cyberattack, with 36% worrying over job security.

That doesn't have to be the case however. For example, Generative AI companions can help stretched teams in simplifying and automating cyber incident responses and therefore recovery.

AI for good

Despite the threats, it does pay to get ahead. Businesses need to be leveraging AI in controlled environments where they are confident of its benefits, which typically includes the automation of admin tasks, support with data compiling, and creative inspiration.

When used by CISOs and IT teams to support cyber resilience, AI can assist in the areas of analysis, investigation and threat modelling to understand potential attack vectors and enhance their anomaly detection capabilities. This not only takes away some of the strain on stretched teams, it reduces their admin time and allows them to focus on ‘bigger fish’ activity - and their cyber resilience strategies.

Investing in AI tools should include training employees on its use cases in controlled environments, shining a company-wide light on cyber resilience. However, IT teams and CISOs must continue to closely monitor its use, govern access to training data, and set guardrails.

It is imperative that the C-Suite is heavily involved in cyber resilience, as the ultimate responsibility to adopt and implement compliant AI functions will always lay with the executive leadership in an organization.

A new chapter

Simply relying on prevention is not enough. To help ensure uninterrupted business operations in the face of threats, IT teams and CISOs must build cyber recovery and resilience strategies that proactively safeguard data integrity, identify sensitive data and threats, and enable a clean, rapid recovery.

The newly proposed Cyber Security and Resilience Act introduces expanded reporting requirements for ransomware attacks, providing government agencies with valuable new information on the scale of attack and the ability to increase support to affected businesses.

The aim of the bill is that mandatory reporting requirements will provide policymakers and threat intelligence agencies with valuable data on the prevalence of cyberattacks, currently seen as a "known unknown." With all of this additional data to hand, it is critical that it is managed effectively, and with law enforcement and cybersecurity companies involved, to mitigate threats effectively.

When it comes to the impact on businesses, it is important to have a balanced approach - one that combines regulatory measures with practical support for affected organizations. Despite the threats when used positively by CISOs and IT teams, AI can help with analyzing, investigating and threat modelling to help build cyber resilience strategies, and better understand potential threats.

To meet these growing threats CISOs and IT teams must fight fire with fire or risk losing the AI cyber arms race.

We've reviewed and rated the best cloud antivirus.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://dhhongbanguniversity.site/news/submit-your-story-to-techradar-pro

EMEA CISO at Rubrik.