AI In Cybersecurity: The Villain and the Hero

Solutions Review’s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Dor Dali of Cyolo breaks down the duality of AI in cybersecurity; how it can be both the hero and the villain of the industry.

The recent rise in popularity of artificial intelligence (AI) large language models (LLMs), including OpenAI’s ChatGPT and Google’s Bard, has sparked feelings ranging from shock and excitement to fear across multiple industries. Some sectors, including education, have condemned these types of software due to their ability to enable users to easily and accurately generate fraudulent content. In the cybersecurity world, industry professionals fear that hackers can leverage these models in the same way. In this case, enhancing human-centric cyber-attack methods against employees, including social engineering-based techniques like phishing, scareware, and baiting.

However, AI isn’t solely a villain. For cybersecurity, it contains beneficial abilities capable of bolstering security leaders’ cyber defense strategies. In fact, AI has the potential to assist security leaders with strengthening various tactics, such as enhancing access control and authentication measures across an organization’s digital landscape. To further understand AI’s potential within the cybersecurity world, let’s dive into its capacity to act both as the villain and the hero.

AI in Cybersecurity: The Villain and the Hero

AI’s Potential for Evil

While AI technology has helped hackers in their cyber-attack efforts for quite some time, recent LLM upgrades within applications such as ChatGPT have made it exponentially easier for cyber-criminals to carry out successful attacks.

With these new language models, AI can outpace many organizations’ current security postures and place infrastructures at risk in a few ways, including:

• Enhanced Social Engineering Attacks: By leveraging LLMs, malicious actors are empowered with advanced capabilities to enhance social engineering and phishing attack methods. With 82 percent of cyber-attacks currently involving a human element, it’s critical for organizations to ensure their defense strategies include effective identity-based management tools capable of combatting advanced AI-enabled attacks. This will help eliminate the threat of sensitive employee data being leveraged to carry out devastating breaches.
• Increased Malicious Offensive Strategies: Along with accelerating the effectiveness of human-based attacks, LLMs can also supply hackers with multiple offensive strategy solutions. This is accomplished by feeding the AI with various prompts about the scenarios the threat actors are facing. The LLM then provides the user with helpful information about ideas and techniques that can be used to issue an offensive strike. With modern cyber-attacks already testing the limitations of traditional security measures, the need for a comprehensive and proactive approach to security within organizations will become paramount.
• Potential Information Leakage: Aside from the external threats AI poses to organizations’ infrastructures, LLMs can also be leveraged to compromise sensitive data internally, unintentionally, or intentionally. Take, for example, an employee eager to indulge in the “hype” of modern LLMs and deploy an AI language model within their work environment. They may unintentionally engage in information leakage – sharing classified information with these models to help simplify their work.

As LLMs continue to evolve and gain popularity, businesses will need to diligently monitor the use of these tools across internal and third-party users and ensure all critical data remains protected and within the company’s perimeter.

Leveraging AI For Cyber Defense Success

As LLMs continue to develop, the cybersecurity industry will also further its usage of this technology. We may see further exploration processes in application security, infrastructure security, incident response, compliance, and many more. In fact, the current AI in cybersecurity market growth rate is valued at USD 22.4 Billion and is expected to grow to USD 60.6 Billion by 2028. Currently, AI can be leveraged in a range of modern security practices, including those that deploy zero-trust frameworks. More specifically, security leaders can leverage AI-enabled tools to bolster identity-management defense strategies, including:

• Improved Access Control: Verizon’s 2022 Data Breach Report revealed that 61 percent of all breaches involve stolen credentials. With climbing rates of compromised employee information, enterprises’ integration of identity-based security measures is imperative. Fortunately, AI’s automation capabilities extend beyond its potential to maliciously automate credential theft techniques and can be leveraged to make access control measures increasingly dynamic. This can be achieved by automating incident investigation and response procedures – recognizing user patterns and behaviors more accurately. Thus, alerting and blocking any uncharacteristic attempt to access critical assets.
• Accurate Authentication: As many professionals know, authentication is critical to cybersecurity. While modern authentication techniques, including MFA, have evolved to increase identity protection, hackers have expanded their fluidity as well– leveraging tools like AI to enhance their traditional attack methods. This increased risk places an imperative on security leaders to integrate high-risk identity solutions that stay one step ahead of threat actors and enable continuous, effective authentication. By doing so, they have access to modern AI-enabled authentication abilities, including automatically assessing a network’s risk score, monitoring, and recording login attempts, and quickly pinpointing the geographical locations of connected devices.

The Future of AI in Cybersecurity

While AI is not perfect and can still provide inaccurate information, it should not be disregarded. Both the risks and rewards of AI within the cybersecurity industry are exponentially rising, and with recent major investments from large corporations in this technology, there’s no sign of its development slowing down. Because of this, it is very important for businesses to keep up with the latest developments in AI technology and learn how they can be used to improve their cybersecurity plans. By doing so, they can effectively mitigate potential risks and leverage the benefits of AI to improve their overall security posture.