The role of AI in Cybersecurity - Boon or Bane?

The global market for AI cybersecurity market is projected to grow at an astounding compound annual growth rate of 36% to reach USD 18.1 billion by 2023

The role of AI in Cybersecurity - Boon or Bane? - CIO&Leader

Reliance on Artificial Intelligence (AI) to combat cybersecurity threats is forecasted to increase by several orders of magnitude over the next five years. A report from P&S Market Research says the global market for AI cybersecurity market is projected to grow at an astounding compound annual growth rate of 36% to reach USD 18.1 billion by 2023. Due to the fast-paced digitization, organizations are increasingly under attack by malicious bots. Unfortunately, most web application firewalls don’t provide enough bot mitigation capabilities. There has been a new wave of industry growth, investment, and innovation, as a response to ever more targeted and sophisticated social-engineering attacks.

Cybercriminals have shifted their business model: Instead of casting a wide net and hoping that one in a million email recipients will fall for the scam, they launch targeted attacks against larger organizations to monetize with much greater payoffs. With antivirus solutions stopping spam and viruses, attackers started writing custom zero-day malware that could evade traditional anti-viruses. Soon, attackers realized that people are the weakest link in the chain and started launching phishing and ransomware attacks to effectively monetize their efforts. Attackers go to great lengths to personalize a message that will earn the trust of the recipient. 

Defending against attacks launched using AI models is, of course, going to require organizations to have access to AI models of their own to defend their organizations. To stop impersonation, one must understand internal patterns, who’s talking to whom, when, how frequently, is the conversation typically one way or not, which email addresses are they using, etc. An AI engine ingests many signals related to the metadata of the message (who’s sending to whom) and its content, which allows it to determine with a high degree of certainty whether the message in question is spear phishing. The AI engine is powerful because it identifies impersonation attempts and stops the attacks in real-time.  It also gives a view into those individuals who are at the highest risk of both being impersonated and being targeted.

The trouble is that building these AI models not only takes a lot of time and effort, it also requires organizations to have access to massive amounts of data to teach the machine and deep learning algorithms employed to create the AI model to recognize cybersecurity attacks. More challenging still, as the cybersecurity attacks evolve, those AI models need to be constantly updated. AI applications are only as good as the algorithms on which they are based. Those algorithms require access to massive amounts of data to identify patterns. It should combine three dedicated layers of defense: 

  • Artificial Intelligence (AI) Real-Time Spear Phishing Prevention
  • Domain Fraud Visibility and Protection
  • Anti-Fraud User Training

AI is paradoxical, while it is upgrading cybersecurity, cybercriminals already have the bots required to collect the data required to build AI models. They can also afford to recruit the expertise needed to build AI models. If it persists, AI can accelerate havoc and become perilous to cybersecurity. As it is still growing, its potential is incomprehensible, we cannot be certain that it will be helpful or adverse for cyber security. In theory, at least, the overall state of cybersecurity should improve. Simultaneously, it’s important that enterprises do as much as they can by combining the AI & conventional approaches to safeguard their organizations.

The author is Country Manager, Barracuda Networks


Add new comment