AI For Security Capabilities

11072909869?profile=RESIZE_400xThe cost of cybercrime is expected to hit $8 trillion in 2023 and grow to $10.5 trillion by 2025.  In a world where sophisticated hackers find creative new ways to pounce, companies constantly try to stay ahead and not become the latest cyberattack headline.  Skilled cybersecurity professionals are in demand, investments in cybersecurity technologies are at all-time highs, and state and national regulations abound.  The US government issued a new cybersecurity strategy memo in early March, calling on tech companies to take greater responsibility in assuring that their systems cannot be hacked and requiring them to meet minimum cybersecurity standards.

Whether securing critical infrastructure or safeguarding inboxes, organizations must optimize their cybersecurity strategies now. Most are headed in the right direction, as 52% of organizations plan on increasing IT spending in 2023—with cybersecurity and AI being top priorities.[1]

However, investing in the latest technology alone is not enough to stay ahead of these modern threats, nor is it enough to align with the latest cybersecurity strategy proposed by the White House.  Companies must also factor in the importance of intelligence sharing and the critical role that human insights play in a cybersecurity strategy.

The Role Of AI In Cybersecurity - Thanks to the ability to reduce workloads, automate manual tasks and accurately detect and predict threats, AI has become increasingly important in cybersecurity technology.  VentureBeat cited an IDC study that found "AI in the cybersecurity market is growing at a CAGR of 23.6% and will reach a market value of $46.3 billion in 2027."  A report from IBM shows that 64% of respondents have already implemented AI for security capabilities, while 29% are evaluating it.

AI can enhance security measures and identify potential threats before they cause harm.  AI-based solutions can look beyond known threats like malicious links and attachments to decipher a message's intent and detect socially engineered attacks.  Over time, AI tools can work as a virtual SOC analyst, continually learning from the industry, the company, and flagged communications to improve the accuracy of detection and remediation.

AI can also impact threat detection and prevention, malware detection, authentication, access control, incident response, and predictive analytics.  Many security providers today leverage the power of AI and machine learning models to detect and remediate cybersecurity threats based on known attack data that is fed into the models.

See: https://redskyalliance.org/xindustry/artificial-intelligence-made-me-write-this

Is AI Enough?  While AI has proved to be a powerful tool in the realm of cybersecurity, it's important to acknowledge its limitations.  The World Economic Forum warns that the increasing sophistication of cybercriminals renders even the latest cybersecurity measures obsolete. Here are some reasons why relying on AI alone for cybersecurity may not be enough.

AI algorithms learn from historical data, making anticipating new advanced threats or zero-day attacks difficult.  It can also be prone to false positives, which can cause unnecessary disruption and confusion among security professionals and can be vulnerable to hackers who attempt to manipulate the algorithms.

In addition, AI lacks context and may not have the necessary knowledge to understand the significance of a specific event or activity, and its limited scope may not address more complex security challenges that require a broader understanding of an organization's security posture.

Organizations must look to implement a multilayered cybersecurity approach that includes AI and human insights.

The Role Of Human Insights - While AI can quickly analyze large amounts of data and make many processes more efficient, it's important to recognize that it cannot replace human expertise and judgment in cybersecurity.  According to the "AI in Cybersecurity Market" report, the belief that AI can replace human judgment is a "misconception"; the human element is unrivaled in creating detection criteria, researching emerging threats and building playbooks.  These are "all distinctly human tasks that AI can assist with but cannot fully perform on its own."

Human oversight and intervention are still necessary to ensure that AI-based security solutions work effectively.  Hiring or developing skilled cybersecurity professionals to assist with decision-making and policymaking is important.  Gartner, Inc. released its top cybersecurity trends for 2023 and stated that "a human-centered approach to cybersecurity is essential to reduce security failures.  Focusing on people in control design and implementation, as well as through business communications and cybersecurity talent management, will help to improve business-risk decisions and cybersecurity staff retention."

Companies should also integrate practices like regular security awareness training and simulation testing into their cybersecurity strategies. For our organization, security awareness training isn't completed once during the year to check a box.  We regularly perform SAT campaigns for our employees because we have a firm belief that the better we educate our employees, the more effective they will be at recognizing the latest attacks and flagging anything that looks suspicious in their mailboxes.

Finally, collaboration is crucial. Organizations can combine their collective knowledge and insights to keep up with attackers and stay ahead of the latest threats.  This is especially important in today's rapidly changing landscape of cyber threats.  Sharing real-time threat intelligence can help companies proactively anticipate and respond to emerging and active threats before they cause damage.

The Perfect Cybersecurity Team - In today's cybersecurity landscape, companies need more than just technology to protect themselves from cyber threats.  Even the new national cybersecurity strategy memo recognizes the importance of combining technology with collaboration and human insights, stating: "We must complement human-to-human collaboration efforts with machine-to-machine data sharing and security orchestration.  Realizing this model will enable real-time, actionable and multi-directional sharing to drive threat response at machine speed."

While AI is a powerful tool with many uses across industries, humans' role in cybersecurity is still critical to protecting organizations.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization.  For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225, or feedback@redskyalliance.com

 

Weekly Cyber Intelligence Briefings:

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/5504229295967742989

 

[1] https://www.forbes.com/sites/forbestechcouncil/2023/05/05/you-must-look-beyond-ai-to-stay-ahead-of-todays-cybersecurity-threats/

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!