How AI is revolutionizing the cybersecurity landscape

ai’s role in the future of cybersecurity

(Image credit: Shutterstock / Ryzhi)

AI (opens in new tab) is revolutionizing cybersecurity (opens in new tab). From automatically detecting network irregularities, to deciding how best to allocate security (opens in new tab) defenses, some of the most data-intensive tasks are rapidly being taken over by machines that can compute at faster and higher rates than people.

About the author

Joshua Saxe is VP and Chief Scientist at Sophos (opens in new tab).

Cybercriminals however, know this. While AI has not been a major tool for attackers thus far, it has potential. Even now, the early examples of attackers using new, easily accessible open-source AI technology to create fake photos, videos and speech as part of phishing (opens in new tab) campaigns suggests a future where AI is widely used by criminals and nation-state cyber actors.

But AI can be used for good too. Just as attackers will fold it into their attack methods, security researchers have spent years creating defensive applications for AI. This isn’t a “fight fire with fire” approach, though. AI-backed security doesn’t necessarily thwart AI-backed attacks, or vice versa. But what AI can bring to the table is to provide a broad boost in efficacy to cybersecurity products and services, helping organizations deflect, isolate or prevent attacks from an increasingly complex threat landscape.

AI for pattern matching and threat detection

Until the past half decade or so, most cyber threat detection was performed using small, hand-written pattern matching programs called “signatures”. The widespread adoption of AI has changed this. Now, security vendors are on a long march to augment signature-based detection technology with AI in every context for making detections: detecting phishing emails (opens in new tab), malicious mobile apps, malicious command executions and the like. This should come as no surprise, after all, AI-enabled analytics has even helped to discern the jargon and code words hackers develop to refer to their new tools, techniques and procedures. It was AI that discovered the term ‘mirai’ was being used by hackers to mean ‘botnet’.

This doesn’t mean, however, that AI will replace signatures. In fact, replacing signature techniques with AI can increase detection rates – but will also lead to false positives as they do. To avoid this, the two technologies should be combined together complementarily. Whereas signatures are good at detecting known threats, AI algorithms are better at detecting previously unseen threats, thanks to their cybersecurity learning. Whereas signatures can be written and deployed quickly, AI technologies take a lot longer to train and deploy. And, while signature authors can control precisely what threats their signatures will and won’t detect, AI is fundamentally probabilistic and harder to control.

The good news about this trend of combining AI with signatures is that it’s making a significant difference in our ability to detect cyberattacks, particularly ransomware (opens in new tab), which was responsible for some of the biggest cyber incidents of the past year, including Colonial Pipeline, Kaseya and Kronos.

The future of AI in cybersecurity

Unfortunately, there isn’t much exploration beyond the narrow use case of AI being applied to detect attacks before they happen. But from optimizing and monitoring data centers, reducing the cost of hardware maintenance, and improving network security, security experts should keep pace with the latest developments. In the future, it’ll be necessary to explore new application areas of AI that can strengthen the lines against attack.

This is challenging, because it requires that cybersecurity leaders keep track of the rapidly evolving AI R&D space just as we track trends in cybersecurity practice and cybersecurity threats. But it’s too important a priority to forsake.

Some areas that the defensive cybersecurity community needs, urgently, to focus on, include:

  • AI models that can accurately predict which security cases analysts truly care about, and then intuitively cue up relevant information for security operators.
  • A natural language and visualization user interface, not unlike the way you can search for COVID-19 case numbers and Google will return the results in a neatly visualized case tracker graph. These technologies will surface and visualize relevant information during “live fire” cybersecurity incidents.
  • Natural language AI chatbots capable of understanding and answering open-ended facts or questions as they pertain to security incident response and investigation workflows.

Artificial intelligence and machine learning is a double-edged sword. While it can improve security, it can simultaneously make it easier for cybercriminals to penetrate systems with no human intervention. While we can count on cyber adversaries to get creative and act boldly in applying AI to their malware packages, AI should not be the tools of attackers alone. We need to continue to incrementally improve the AI we’re already using to improve cyberattack detection. And with the rapidly evolving and complex threat landscape we face, CIOs, CTOs, and IT and SecOps (opens in new tab) teams have to commit to exploring new and creative ways of applying AI technology that focus on helping the human operators that our network security ultimately depends on.

Keyword: AI’s role in the future of cybersecurity

TECH'S NEWS RELATED

Battlefield 2042's The Liquidators Event Arrives October 11 With New Mode And Free Login Rewards

The Liquidators event brings the new Tactical Conquest mode to Battlefield 2042 and more.

View more: Battlefield 2042's The Liquidators Event Arrives October 11 With New Mode And Free Login Rewards

Pixel Watch is here: Fitbit and Wear OS in a gorgeous round case

The new Google Pixel Watch is here and it's gorgeous

View more: Pixel Watch is here: Fitbit and Wear OS in a gorgeous round case

Google's Pixel Watch is finally here and it looks amazing

In brief: Google on Thursday unveiled the Pixel Watch, a flagship wearable positioned to go toe to toe with the Apple Watch and other mainstream smartwatches in the growing wearables category. The Pixel Watch features a 41mm case made of 80 percent recycled stainless steel that measures 12.3mm tall and ...

View more: Google's Pixel Watch is finally here and it looks amazing

We've Reached Peak Battle Pass, And I Can No Longer Keep Up With My Favorite Games

The ubiquitous battle pass system taking over every live-service game can be a blessing and a curse when playing our favorite games.

View more: We've Reached Peak Battle Pass, And I Can No Longer Keep Up With My Favorite Games

Official Steam Deck Docks Are Finally Shipping Out

Valve's official and svelte companion to its Steam Deck can recharge your unit and help you continue your game on a bigger display.

View more: Official Steam Deck Docks Are Finally Shipping Out

Babylon's Fall Dev "Extremely Sorry" For Fans' Disappointment, But Won't Give Up On Live-Service Games

Despite the game coming up short, Platinum Games is committed to making more live-service games.

View more: Babylon's Fall Dev "Extremely Sorry" For Fans' Disappointment, But Won't Give Up On Live-Service Games

LinkedIn Is Being Plauged by Fake Executive Profiles

Business network LinkedIn is currently being flooded with fake executive profiles that are causing confusion for companies hiring.

View more: LinkedIn Is Being Plauged by Fake Executive Profiles

Google Tensor G2 vs Snapdragon 8+ Gen 1 vs A16 Bionic: It’s No Longer About the CPU

Google Tensor G2 vs Snapdragon 8+ Gen 1 vs A16 Bionic: An In-depth Comparison (2022) Tensor G2 vs Snapdragon 8+ Gen 1 vs A16 Bionic: Specifications Tensor G2 vs Snapdragon 8+ Gen 1 vs A16 Bionic: CPU Tensor G2 vs Snapdragon 8+ Gen 1 vs A16 Bionic: GPU Tensor ...

View more: Google Tensor G2 vs Snapdragon 8+ Gen 1 vs A16 Bionic: It’s No Longer About the CPU

The Google Pixel Tablet Aims to Shake Up Your Smart Home

The Google Pixel 7 Arrives to Dominate Smartphone Cameras

Deathloop Is Free For Humble Bundle Subscribers This Month

No Place For Bravery (Switch) Review

Microsoft Increases Windows 11 2022 Update Rollout Speed

Pixel Tablet: Google Teases This Mysterious Device Yet Again

Laser engraver LONGER RAY5 10W can engrave more than 1000+ materials

Google Pixel 7, 7 Pro announced: Tensor G2 and software updates steal the show

The Dead Space remake's PC system requirements are fairly demanding

Google Pixel Tablet Previewed at Pixel 7 Launch Event

Mountain MacroPad + DisplayPad Review

Minecraft Mob Vote 2022: Everything You Need to Know

OTHER TECH NEWS

;