4 Key strategies for leveraging AI against cyber threats

Cyber criminals are using AI to power up their attacks with enhanced phishing content, deepfakes, and detection evasion techniques. At the same time, cybersecurity professionals are developing more sophisticated strategies for leveraging AI in cyber defence systems; and these advancements in AI-driven cybersecurity will drive a more secure future. 

Informa Tech’s AI Summit and Black Hat USA recently shared with us a collaborative report entitled How Gen AI Is Revolutionising Threat Detection in Cybersecurity. Based on that report, here’s our overview of the key strategies business leaders and cybersecurity professionals can use to leverage AI against cyber threats. 

1. AI is enabling proactive threat detection 

Cybersecurity professionals are increasingly using GenAI to transition from reactive to proactive cybersecurity in order to detect new, sophisticated threats before they become a problem. 

By investing in proactive security measures, organisations can methodologically address the specific circumstances within their networks that create vulnerabilities that might be exploited by threat actors. Those circumstances vary between organisations, but they might include complex networks of IT endpoints and assets; vulnerable or out-of-date software; inadequate authentication processes; software misconfigurations or missed updates; and more. 

2. AI can enhance threat intelligence

Instead of relying on human threat analysts to gather and interpret data, GenAI enables organisations and cybersecurity teams to quickly make sense of vast volumes of structured and unstructured data. 

It can take all of this data and identify patterns and anomalies that might be missed by human analysts – and it can do this very quickly, cutting out hundreds of hours of human labour. 

3. GenAI offers more efficient threat detection 

A critical point is that GenAI, and all AI models that might be used in cybersecurity settings, have the capacity to augment – rather than replace – human intelligence. 

Cybersecurity professionals are overwhelmed – a fact which is evident in the levels of systemic burnout in the industry. GenAI provides an opportunity to ease the workload on human shoulders and speed up security MTTD/R (Mean Time to Detect and Resolve) at the same time.  

4. AI can speed up the recovery process after an attack

AI can aid data backups, incident recovery, and patch management – and overall, it can significantly reduce the time it takes to restore functionality to data and systems after a breach. 

Artificial intelligence systems can automate the process of recovering or replacing lost or corrupted files, and AI-powered patch management can rapidly secure vulnerabilities in a network so the organisation’s operations can resume as quickly as possible. 

Human cybersecurity professionals still matter

Artificial intelligence can do a lot, but it can’t do everything. In the current landscape of AI and cyber risk, any use of AI-powered security should only happen in conjunction with human expertise and guidance. 

While AI can overcome some of the human limitations that can increase cyber risk (such as the propensity for human error), it also has limitations of its own. In particular, current AI models often fail to see the big picture; they’re adept at identifying and flagging patterns and anomalies, but they don’t have the context to understand those data points from a holistic viewpoint. 

And it’s important to retain a clear view of the biases that have been trained into AI models, depending on the data used in their development. Any bias can drive inaccurate interpretations of data, and inadequate outputs; so humans must systematically evaluate AI outcomes, as well as the quality of data inputs. AI bias could lead a system to overlook certain kinds of threats, for example – leaving the network exposed. 

Join us at Black Hat MEA 2024 and discover how to improve your organisation’s cyber resilience.