The Impacts of AI on Cybersecurity
Abraam Ibrahim, 2024 Commonwealth Cyber Initiative InternIntroduction
In 2024, an estimated 77% of businesses were either using or were exploring the use of Artificial Intelligence (AI) tools in their business processes (National University, 2024). The light-speed pace of AI development and adoption has massive implications across all industries and sectors. Finance experts using AI to assist in trading, doctors using AI for ultrasound measurement, and factory owners employing AI to create smart factories are just a few examples. The ever-advancing field of cybersecurity, already well-known for its rapid acceleration, is among the most impacted by this AI revolution.
This article explores the anticipated impacts that the rise of AI could have on cybersecurity, and how AI's ability to enhance authentication, automate tasks, and improve threat detection and response is revolutionizing the field while simultaneously introducing new challenges and threats.
The Power of AI in Cybersecurity
AI can streamline and automate a wide variety of security tasks. Authentication, incident response, threat detection, intelligence, and other tasks can be significantly improved or even replaced with AI assistance. By leveraging natural language processing (NLP) and deep learning (DL) capabilities, security experts can make cyber operations more effective and efficient. Similarly, AI integration into security solutions will enhance the overall security posture of organizations by enabling faster and more informed response and defense measures, ultimately reducing the time to detect and mitigate threats.
AI in Authentication
Authentication, the process of validating users, has always been an indispensable guard against security breaches. As the thinking goes, if malicious parties can be prevented from ever gaining access to a target (database, account, server, etc), then all damage can be mitigated preemptively. Accordingly, cyber professionals have created increasingly secure login methods to enhance security and user convenience (biometric, MFA), which have now become the industry norm.
With the advent of AI-enabled machine learning algorithms, security professionals are now employing user behavior analytics (UBA) to detect unusual activity during a sign-in attempt. An algorithm can take various inputs, such as the typing speed, cursor movement, touch input, and biometric data (voice, fingerprints) to determine the validity of an individual request and authenticate legitimate while flagging and reporting suspicious sign-in attempts.
Cybersecurity Automation
AI’s ability to tirelessly sift through massive amounts of data has profound implications for the industry. AI will enable professionals to focus their time on the most important areas while providing cost-saving benefits due to increased efficiency.
CrowdStrike’s Charlotte GenAI solution is a prime example of this. Charlotte can automate threat detection and data collection while providing a summary of critical alerts and threats, relieving security teams of the need to tediously sort through hundreds of daily alerts. Charlotte also provides recommendations on how best to mitigate threats as well as the ability to ask specific questions on metrics, system status, current threats, vulnerabilities, and more. Additionally, Charlotte supports native workflow automation, allowing teams to execute scripts or playbooks that take care of threats (killing processes, quarantining files, etc) without the need for human intervention. With all of these tools combined, security teams that implemented CrowdStrike’s GenAI solution saw an average of 2-hour productivity savings thanks to its automation capabilities (CrowdStrike, 2023).
Threat Detection and Response
Threat detection and response are perhaps the most affected by the integration of cybersecurity with AI. With the emergence of increasingly sophisticated attacks (e.g. polymorphic malware, fileless malware) that avoid detection by traditional signature-based defenses (e.g. firewalls, antivirus software), the industry is moving towards a new method of threat detection.
Traditional cyber infrastructure relies on an increasingly antiquated method of threat detection known as signature detection, where a large database of known threats is compared against signatures (e.g. packets, file data) of current network traffic, system files, and other threat sources. While effective against known threats, this method leaves systems vulnerable to more silent forms of malware as well as zero-day attacks.
To compensate, companies will need to shift to solutions that employ User and Entity Behavior Analytics (UEBA) as a major component of their security framework. UEBA is an emerging cybersecurity solution that harnesses the capabilities of deep neural networks and machine learning. UEBA trains algorithms on what is considered ‘standard’ user and device traffic and behavior, allowing it to detect and report irregular activity. Depending on configurations, a UEBA system may have the capability to disconnect devices that exhibit unusual behavior to prevent attacks preemptively. The implementation of AI-powered solutions such as UEBA will give security teams enhanced capabilities in detecting zero-day and advanced forms of malware, enabling them to combat the endless advancement of digital threats.
Conclusion
AI is a tool with incredible potential. It can be used for both beneficial and destructive purposes. Hackers and bad-faith actors are already exploiting the power of AI for malicious purposes, making it all the more pertinent that security companies stay on the bleating edge of artificial intelligence. In addition, with the adoption of powerful technologies, human oversight will need to remain a critical consideration as the discretion of security experts will be necessary to harness the full potential of AI-powered solutions. Meanwhile, companies should pursue AI training for employees to ensure responsible usage as well as continue investing in the development of the technology to stay ahead of threats in the relentless digital landscape.
About the Author
I’m Abraam Ibrahim, an intern at the Virginia Tech Thinkabit Lab in Falls Church, VA. I’m a senior at John Champe High School in Aldie, VA, as well as The Academies of Loudoun in Ashburn, VA. At the Thinkabit Lab, I had the opportunity to research AI’s impact on Cybersecurity in terms of both offensive and defensive security as well as a unique hands-on experience fostering STEM passion in students. I have a deep interest in Cyber and IT topics and intend to pursue a career in cybersecurity with a particular interest in networking and ethical hacking.
Feel free to connect with me and share your feedback or comments:
References
Balbix. (n.d.). Using Artificial Intelligence in Cybersecurity. Balbix. Retrieved July 16, 2024, from https://www.balbix.com/insights/artificial-intelligence-in-cybersecurity/
Brancati, M. (2023, October 5). IBM Announces New AI-Powered Threat Detection and Response Services. IBM Newsroom. Retrieved July 18, 2024, from https://newsroom.ibm.com/2023-10-05-IBM-Announces-New-AI-Powered-Threat-Detection-and-Response-Services
Corelight. (n.d.). What Is Signature-Based Detection? Corelight. Retrieved July 17, 2024, from https://corelight.com/resources/glossary/signature-based-detection
Crowdstrike. (n.d.). Charlotte AI: Generative AI for Cybersecurity. CrowdStrike. Retrieved July 24, 2024, from https://www.crowdstrike.com/platform/charlotte-ai/
Dilmegani, C. (2024, January 16). Manufacturing AI: 15 tools & 13 Use Cases / Applications. Research AIMultiple. Retrieved July 16, 2024, from https://research.aimultiple.com/manufacturing-ai/
Fortinet. (n.d.). How Artificial Intelligence (AI) Can Help With Cybersecurity Threats. Fortinet. Retrieved July 16, 2024, from https://www.fortinet.com/resources/cyberglossary/artificial-intelligence-in-cybersecurity
Fortinet. (n.d.). What is User Entity and Behavior Analytics (UEBA)? Fortinet. Retrieved July 16, 2024, from https://www.fortinet.com/resources/cyberglossary/what-is-ueba
Gates, M. (2024, April 1). Infographic: How AI is Changing Cybersecurity Jobs. ASIS International. Retrieved July 24, 2024, from https://www.asisonline.org/security-management-magazine/monthly-issues/security-technology/archive/2024/april/Infographic-How-AI-is-Changing-Cybersecurity-Jobs/
IBM. (n.d.). Artificial Intelligence (AI) Cybersecurity. IBM. Retrieved July 16, 2024, from https://www.ibm.com/ai-cybersecurity
IBM. (n.d.). IBM Cloud Pak for AIOps. IBM. Retrieved July 18, 2024, from https://www.ibm.com/products/cloud-pak-for-aiops
Morgan Stanley. (2023). AI and Cybersecurity: A New Era. Morgan Stanley. Retrieved July 16, 2024, from https://www.morganstanley.com/articles/ai-cybersecurity-new-era
National University. (2024). 131 AI Statistics and Trends for (2024). National University. Retrieved July 18, 2024, from https://www.nu.edu/blog/ai-statistics-trends/
Philips. (2022, November 24). 10 real-world examples of AI in healthcare. Philips. Retrieved July 16, 2024, from https://www.philips.com/a-w/about/news/archive/features/2022/20221124-10-real-world-examples-of-ai-in-healthcare.html
Poireault, K. (2024, July 10). Russian Media Uses AI-Powered Software to Spread Disinformation. Infosecurity Magazine. Retrieved July 16, 2024, from https://www.infosecurity-magazine.com/news/russia-rt-ai-software/
RidgeSecurity. (n.d.). Automated Penetration Testing Tool | RidgeBot. Ridge Security. Retrieved July 18, 2024, from https://ridgesecurity.ai/products/pentesting-methodology/
Sophos. (n.d.). What Is AI in Cybersecurity? Sophos. Retrieved July 16, 2024, from https://www.sophos.com/en-us/cybersecurity-explained/ai-in-cybersecurity
No comments:
Post a Comment