Harnessing AI in cyber-security: threats and opportunities

Vinayak Ram from Protiviti discusses the threat and opportunities associated with AI in cyber-security

 

In the fast-paced digital world, artificial intelligence (AI) is crucial for shaping cyber-security strategies. As we advance in the information age, AI’s impact on cyber-warfare tactics is evident. It also helps organisations stay ahead, boost productivity, and enhance security.

 

Offensive: Threats

From an offensive security perspective, attackers are leveraging AI to enhance their tactics, making them faster, more cost-effective, and harder to detect. A prime example of this is in the field of social engineering. Attackers use AI to generate convincing phishing emails, conduct automated reconnaissance, and drive large-scale social engineering campaigns. The sophistication of these AI-powered attacks makes them increasingly difficult to identify and counteract, posing a significant threat to cyber-security.

 

Another emerging risk is the use of AI by attackers to create deepfake videos and audio for highly targeted social engineering attempts. Historically, producing these types of media required significant computing resources and a high level of technical skill.

 

However, fast forward to the present day, AI is rapidly lowering these barriers to entry, making these powerful tools more accessible. As a result, we can expect an increase in the adoption of these techniques, leading to more advanced and harder-to-detect social engineering attempts. 

 

In the short term, we anticipate a rise in AI-powered social engineering campaigns until defensive security measures can catch up.

 

Defensive: Opportunity 

On the defensive side, AI’s impact and potential is equally significant. Almost every major security vendor is integrating AI capabilities into their solutions to enhance the effectiveness, efficiency and productivity of their analysts. One of the most promising areas of impact expected in the coming year is the automation of Security Operations Center (SOC) activities, including incident analysis and reporting, which are critical areas for maintaining robust cyber-security measures.

 

AI-powered ’helpers,’ or ’Agentic AI,’ can increase security analysts’ productivity tenfold, allowing them to concentrate on high-impact tasks. By automating routine activities, these AI assistants free up valuable time for analysts to focus on strategic decision-making and proactive threat hunting. This technology shows great promise in addressing one of cyber-security’s biggest challenges— ‘Alert Fatigue.’ By shifting focus from mundane tasks to more complex issues, organisations can significantly enhance their cyber-security posture.

 

The adoption and use of AI are beginning to disrupt certain areas of the security industry, particularly penetration testing. There is a high demand for penetration testing skills, yet the supply of these skills remains limited. A new wave of startups has emerged to address this issue, and while they do not aim to completely replace human testers, they focus on automating significant portions of the process. These AI-powered automated penetration testing tools tackle over 70% of the challenges on popular training platforms without any human intervention, as initial results show.

 

These emerging technologies have the potential to provide much-needed consistency in testing, as the quality of penetration tests often varies greatly depending on the individual conducting them.

 

AI significantly reduces barriers to entry, enabling a wider segment of the workforce to engage in cyber-security efforts. For example, tasks that typically require advanced skills, such as writing complex SQL queries or executing PowerShell commands, have become more accessible through AI-powered tools. These tools utilise natural language to enhance human-technology interaction, democratising access to advanced cyber-security operations.

 

There is no doubt AI will significantly impact cyber-security. AI enhances offensive cyber-attack techniques and revolutionises defensive cyber-security strategies. As we navigate this digital age, it is essential for organisations to keep up with these developments. Leveraging the power of AI could be key to staying one step ahead in the constantly evolving landscape of cyber-warfare. 

 

However, it is important to recognise that while AI offers numerous advantages, its misuse by malicious actors can pose serious threats. Therefore, adopting a balanced approach that maximises AI’s benefits while minimising its risks is crucial for achieving robust cyber-security. 

 

---

 

Vinayak Ram is a Senior Director at Protiviti

 

Main image courtesy of iStockPhoto.com and Shutthiphong Chandaeng