Resources

The Pros and Cons of AI in Cyber Security

Written by Chris Speight | Nov 30, 2023 12:39:29 PM

The future of AI in cybersecurity is both essential and worrying, as it is set to transform how both cyber security and cyber attacks are managed and implemented. 

AI's ability to learn and adapt to new threats could significantly enhance detection, containment, and response times, making it a critical tool for security operations centres (SOCs). The integration of AI in threat intelligence is expected to drive substantial changes across the industry, improving the accuracy and speed of cyber defences.

Artificial intelligence is being adopted in various ways within cybersecurity. For example, AI excels at pattern recognition, which can help reduce false positives, clearing the way for meaningful, real-time threat detection and behavioural analysis. AI also plays a role in automating repetitive tasks, thus saving time for organisations in discovering new threats and dealing with increasingly sophisticated cyberattacks.

Moreover, AI has the potential to predict which software vulnerabilities are likely to be targeted by hackers based on past patterns, empowering organisations to prioritise their security measures accordingly. 

However, currently only a small percentage of AI research spending is dedicated to security. As the threats evolve, the necessary investment to counter them will have to be made. Necessity is the mother of invention after all…

AI poses a significant risk in cybersecurity, with the potential to expedite cyberattacks using advanced tools with features such as machine learning and automation. Another factor is the sheer speed with which AI could launch a coordinated attack against an individual or an organisation. While humans are still trying to work out the first piece of the puzzle, AI could be a great many steps ahead of them. 

In the world of cybersecurity, is AI a friend or a foe? There are two ways to look at this: 

  1. AI, like people, can be on either side of this virtual conflict. Which side is chosen will come down to circumstances, necessity, and avarice.
  2. AI can be a tool in the armouries of both cyber security practitioners and cyber criminals. It has the potential to make both parties’ lives easier, but this does not come without risks. The more hands-off such tools are, the greater free reign that they have. In these circumstances, cyber weapons that learn as they go along could yield some interesting and potentially unexpected consequences…
Some think that to mitigate the risks and maximise the benefits, safeguards need to be built into AI systems from the start, ensuring they are secure by design. This is a rather naïve notion for a couple of reasons. The first is that the genie is already out of the bottle and AI is already helping cyber criminals. The second reason is more interesting though: what happens when in the AI’s opinion, the best defence is actually a very good offence? 

Currently, the state of AI’s development is comparable to when the Wright brothers had just successfully demonstrated heavier-than-air flight for the first time. What happens when AI reaches the same level of development as the Eurofighter Typhoon? How can elementary morals and ethics be programmed so intrinsically into a machine that can capture so much information so quickly and is, in its own right, extremely capable of free thought? Even if we manage to somehow instil our morals and ethics into the AIs that we make, how do we ensure that everyone else in the world does this?

One thing is for sure, the next few years are going to see some very interesting developments in the deployment of AI in both cyber defence and cyber offence.