• Organisations are embracing AI, but at the same time the technology is exposing them to new security threats.
  • AI can be used in cyber security to help detect and mitigate threats, as well as build resilience into organisational operations.
  • Clear measures must be put in place to ensure the AI for cyber is adding value to a company’s overall cyber security strategy.

Cyber attacks and threats are considered major disruptors to businesses, nations and consumers alike. Artificial intelligence is seen as a major disruptive force too, but of the positive kind, fuelling a new era of hyper connectivity, hyper intelligence and hyper performance.

An increasingly complex business environment is leading organisations to embrace forms of artificial intelligence such as machine learning and facial recognition technology, while using data to build more intimate relationships with consumers. But the flip side of these innovations is that the ’attack surfaces’ of an organisation are multiplying, creating a fast-growing world of vulnerability to cyber crime that didn’t exist before.

At the same time, AI use is on the rise among cyber criminals, who are using it to help drive attacks, employing the technology to uncover unsecured points of entry in enterprise networks. And there are documented cases of criminals using deepfake technology to imitate the voice of company CEOs,1 leading to the Israel National Cyber Directorate warning against phishing attacks that are being used to demand access to secure networks, or ever money transfers.2 In response to these growing threats, China passed a law that makes it a criminal offence to publish deepfakes or fake news without disclosure, while California criminalised the use of the technology in political advertising.3

The question organisations are facing as they increasingly rely on AI in their business operations, is can the opportunities offered by AI be leveraged in cyber security to help better prepare, detect and respond to cyber threats or will it further propagate them?

AI for cyber security

In October 2019, the World Economic Forum ranked cyber attacks among the top ten global risks of highest concern, tipped to cost business an estimated $US90 trillion over a ten-year-period.4 In fact, according to PwC’s 2019 Digital Trust Insights survey of 3,500 global organisations, 47 percent said they had experienced operational downtime due to a cyber incident between 2017 and 2019.

Companies need to improve the speed at which they detect cyber threats because hackers are now employing AI to discover points of entry in enterprise networks. Deploying AI software to guard against AI-augmented hacking attempts has therefore become a necessary part of cyber security defense protocols.

For instance, AI, when used with cyber security, can accelerate processes such as phishing detection via image recognition and automated tracking. Techniques such as natural language processing, data collection and automation can help organisations classify data more effectively, creating better safeguards against future data leaks. Platforms that use machine learning can help companies detect suspicious changes in behaviour and draw on the power of ‘deep learning’ to fend off predicted cyber attacks.

The growing relationship between AI and cyber security has given rise to platforms and technologies that are leveraging big data, AI and automation to make accurate decisions in cyberspace as well as help scale the cyber operations at a much faster rate than is possible with manual human analysis.

But how can organisations use AI to become more resilient to cyber crime and anticipate and respond to changes in the threat landscape over time? Here are three strategies for putting AI as a core component of your cyber security strategy – and set the stage for secure growth no matter what.

1. Identify the cyber security areas where AI can be applied (and will be most effective)

It’s easy to be overwhelmed by the various forms of AI – indeed, there are multiple ways they can strengthen your approach to cyber defence. But there’s no point implementing AI across your cyber security if you don’t think seriously about your business imperatives first. A good cyber security strategy should be centred around factors such as customer trust and risk ratings. That’s why it’s critical to consider where AI will bring the most value from a cyber security perspective. Examples include using AI to automate security operations and enable human-like decision making, ensuring that the vulnerabilities in your environment are classified and rated appropriately for remediation, implementing machine learning algorithms to look for anomalous user behaviour or using natural language processing to classify sensitive data in order to better protect it from future threats.

The power of AI for cyber is about automating manual processes or detecting potential attacks before they happen. But moreover, it’s also about the ability for AI to adapt its detection mechanisms to better understand and respond to the changing threat landscape as cyber criminals become more sophisticated.

2. Invest in developing AI-driven cyber security models to augment current cyber capabilities

Organisations are becoming increasingly wise to the ways in which AI is revolutionising cyber security. According to the Digital Trust Insights survey, 41 percent say that their cyber security team uses automation and emerging technologies for threat intelligence, defence and recovery. AI driven cyber security models can run alongside existing automation engines to help take decisions that need intelligence and sophisticated interpretation capabilities.

These models use advanced techniques that can in turn help with analysis. Some additional examples include the following:

  • Help improve the quality and efficacy of cyber security operations
  • Identifying abnormal patterns in Identity Operations
  • Better detection and response
  • Improved classification of data
  • Prioritisation of vulnerabilities
  • Deepfake detection and analysis

3. Measure the ways in which AI is adding value to cyber security capabilities

Once you’ve started exploring the relationship between AI and cyber security and identified the areas of focus and connections between the two, it’s important to think about how you would measure and invest in AI-driven cyber initiatives for the health of the organisation.

An AI-driven cyber strategy should promote a proactive approach in anticipating and responding to the threat landscape, while fostering data-driven intelligence that grows and evolves at scale. Organisations need protocols in place to measure the ways in which AI and cyber security are working together and govern cyber security strategies.

AI is proving the power of technology to augment human decision making and build trust, and in the process, reimagining cybersecurity in the process. Ultimately, an AI-enabled cyber security will lay the foundation for a smarter organisation that holds resilience and intelligence at its heart.

 

Contributor

Umang Handa

Umang is a director in Cyber Security with PwC Canada

More About Umang Handa