In an ever-changing digital environment, cybersecurity is the cornerstone of organizational integrity. With every technological advancement, a new wave of cyber threats emerges, undermining existing defense mechanisms. Cybersecurity is evolving. In this blog, I will share some ideas on where we are headed.
Why AI is a valuable tool in cybersecurity
When it comes to pure security, we have to dedicate most of our time, energy, and budget to certain aspects of our work. We can’t neglect tasks like incident response, threat hunting, and analyzing signs of compromise because that’s where it all begins.
AI has the tremendous ability to enable smarter decisions and faster, more accurate assessments, especially when looking at indicators of compromise. Third-party testing has confirmed how effective AI-powered endpoint protection platforms can be, and even which ones are the most effective.
There’s still room for improvement in how we use AI in security. Take your incident response team, which tends to be one of the most critical functions of any security team and one of the most expensive and difficult to staff. I think AI will have a bigger impact in helping this security function, and others, in the future.
By using machine learning algorithms, AI can analyze vast amounts of data in real time, allowing security teams to quickly detect anomalies and potential threats. Additionally, AI can automate repetitive tasks, such as reviewing logs and alerts, allowing human analysts to focus on complex cases that require deeper understanding and critical thinking.
Additionally, AI’s predictive analytics capabilities improve incident response by predicting potential attack vectors based on historical data. By simulating various attack scenarios, AI helps organizations refine their response protocols, ensuring they are prepared for a range of threats.
I recently appeared on the Unsupervised Learning podcast to discuss this topic. the full podcast here or watch clips in the videos below.
AI in Cybersecurity: What Leaders Are Doing
Companies at the forefront of AI in cybersecurity are doing things like sandboxing their own data lakes and then using AI to connect to them to make great automated decisions. There’s a lot of potential in that. If you’re a big company and you have a lot of data, this is a great solution.
I think it’s also important to look at the vertical or type of business you’re in to determine the need to focus on AI in security.
For example, if you’re a lumber distributor, you’re creating boards that will be used to build someone’s house. You may be concerned about protecting your financial data, your factory operations, and your company’s trade secrets. But your attack surface is very different than a company that develops security software, right?
A secure software developer may sell a product into a highly regulated environment. This type of company inherits part of its attack surface, which then becomes part of its supply chain and its customers’ attack surface. Each organization may see a different role for AI, and I think it’s imperative to put the need for AI in the appropriate context of enterprise risk management.
The irreplaceable value of human oversight in cybersecurity
While AI has and will continue to transform the cybersecurity landscape, it’s critical to recognize that it’s a tool for humans to use, not a replacement for human members of cybersecurity teams. Watch this clip to learn more:
One of the biggest challenges is the quality and quantity of data used to train AI systems. Insufficient or biased data can result in ineffective models that miss critical threats or produce false positives, which can undermine confidence in AI-based threat detection. Relying solely on AI can create a false sense of security, leading organizations to neglect the comprehensive security measures needed.
Additionally, AI excels at identifying known threats, but immature models often struggle to handle new, unrecognized attack vectors, leaving organizations vulnerable to exploitation. You can read more about efforts to overcome this problem in Predictive AI, what works and how to understand itwritten by my BlackBerry colleague who oversees the BlackBerry Product Engineering & Data Science teams.
And here’s a bonus for cyber defenders who embrace this technology: Those who can effectively leverage AI tools to enhance their analytical skills become essential to navigating the complex cyber threat landscape. While AI excels at automating a range of tasks, such as threat detection and data analysis, the complexity and unpredictability of cybersecurity threats demand human intelligence and nuanced decision-making.
Future predictions of AI and cybersecurity in 2025
When it comes to the cybersecurity landscape in 2025, a key trend is the expected increase in regulation and liability. Experts predict that governments and regulators will implement stricter guidelines, forcing organizations to improve their security protocols and adopt comprehensive compliance frameworks.
This changing regulatory environment will inevitably put pressure on businesses, prompting them to increasingly rely on security services such as Managed detection and response as a strategy to effectively mitigate liability and compliance risks. I also believe there will be an even greater focus on supply chain security, and I explain why in the video below. Click on the cube to watch.
Additionally, it is essential to continually adapt. Organizations must remain vigilant and proactive, to stay on top of ever-evolving threats. Failure to do so can result in costly data breaches and reputational damage.
AI is advancing at an unprecedented pace, and we can’t rest on our laurels. I believe businesses must leverage innovations to strengthen their defenses and respond quickly to emerging cyber threats. Ultimately, an agile strategy that integrates regulatory compliance with innovative technology will prove very beneficial for protecting businesses’ digital assets in the years to come.
To learn more about this topic, watch or listen to my recent interview on the Unsupervised Learning podcast.