The evolution of cybersecurity and AI
Over the past 12 months, the role of generative artificial intelligence (GenAI) has evolved in cybersecurity contexts. Organizations are no longer asking whether they will use the benefits of GenAI to contribute to cybersecurity, but rather how these benefits will be leveraged. used.
2024 in particular has seen an increase in investment in GenAI, with a mix of risk management alongside the introduction of new capabilities through AI. According to a recent PwC survey, 74% of organizations increased their investments during this period to take advantage of new technology. However, 66% of security managers believe that their risk surface has increased as a result. So how can we ensure that AI is tailored in a way that minimizes cybersecurity risks?
There is much debate about the use of AI in cyber defense, perhaps more from the perspective that because bad actors are using this new approach, good actors are forced to do the same. But if we consider why AI should be used for cyber defense, the situation is somewhat different. The evolution of threats is real, but the evolution of Cyber Defense is also an aspect that can be controlled thanks to AI. Adapting the constant learning, analysis and updating of defense systems provided by alliance partners or developed internally allows an organization to monitor its threat environment in real time. This information can be used by a security team for real-time alerts. We are no longer faced with a reactive posture towards threats, we now have proactive threat hunting in real time which, if the LLM is structured to do so, will allow for an evolution of learning and continuous adaptation to threats .
Why not use GenAI as a component of your security and risk management? Although GenAI increases the cyber risk attack surface for most organizations, organizations can also use this same technology for cyber defense. For example, AI would be a useful tool for threat detection and response, threat intelligence, and malware/phishing detection. Introducing such an approach also means overcoming potential internal stakeholder distrust of GenAI, inadequate internal controls and risk management related to the use of GenAI and a lack of standardized internal policies governing the use of GenAI .
These are surmountable problems, and the use of GenAI in cybersecurity can provide a secure platform allowing GenAI to be used in more and more organizations, as risks can be monitored in real time and threats can be detected through a constantly evolving security model.
Statistics taken from PwC’s DTI 2024 report (https://www.pwc.com/dti)
Author: Neil RedmondCybersecurity Director, Watercraft and graduated from Executive MBA