Artificial Intelligence in Cybersecurity

Written By Ashad El

One of the most controversial and widely discussed topics of all time… Artificial Intelligence.

From film to books to blogs, the benefits and dangers of AI is debated amongst academics and common people alike.  When we think of AI, we think of a robot with the ability to think, talk, and interact like a human, resulting in robots cognisant enough to take over earth and destroy the human race. Fictional AI systems like JARVIS from the Iron Man and Avengers movies and Agent Smith in the Matrix movies are what most think of when they are trying to narrow down an image of Artificial Intelligence, but AI does not always have to become human-like.  In fact, current AI programs are not even developed enough to parallel the fictional JARVIS. Much of the development of AI systems are for cybersecurity purposes, detection of cyber threats and split second responses are the ultimate goal for cybersecurity AI but this amount of efficiency is quite distant.  While Artificial Intelligence has the ability of “thought” congruent to a human brain, its ability to learn is still quite juvenile, requiring massive amounts of data to even reach a somewhat logical conclusion.  Today we’ll discuss the pros and cons of AI in cybersecurity, the current regulation practices, and where AI is set to go.  

Benefits of AI:

There are a slew of benefits AI provides within the cybersecurity field. It allows for more rapid response and identification of vulnerabilities/attacks than standard software driven and manual techniques; niche identification of threats specific to certain industries; inherently holds larger capacity for detecting evolution in malicious programs; aids business’ distinction between malicious bots, safe bots and human users for maximum marketing efficiency; and of course the obvious, can be continuously changed and updated on its own, learns on its own, does not require manual altering.

Let's get into some specifics shall we? 

  • Detection of threats is both faster and widespread as new malicious software patterns are created and destroyed by the minute, this means the AI system and not only identify even the smallest lapse in security systems, but also understand malicious patterns of change and lack the language barrier many traditional systems are inhibited by

  • Battling malicious bots is a skill traditional systems lack due to their inability to distinguish bots with malicious intent (such as stealing credentials, creating fake profiles, and breaching data) from safe bots (those designed for search engine use) from human users.  This distinction is crucial for figuring out which bots need to be warded off. AI can accomplish this distinction and report malicious bots that need attention, while collecting data for the website user to make their strategy more effective for human and safe bot traffic

  • Breach risk detection is another use of AI as it can collect all of the information about the assets of your IT department such as laptops, PCs, phones, tablets and figure out where and when breaches are possible.  This allows a greater chance not only at protecting those assets but allocating the correct funds and security measures to the correct area

  • Endpoint protection is an extremely important function with the rise of virtual work.  More personal computers and other systems have access to company information without necessarily being on a secure network. This is why AI is trained to constantly monitor and search for current and updated signatures that can potentially deliver viruses and malicious software to computers.  Traditional antivirus and vpns are solid solutions to this problem, but once a signature key is created or altered, it requires updates to the security system that must be initiated manually, and if someone is not constantly monitoring day and night for signatures and their meanings, this can prove devastating for your business. 

All these fantastic security practices huh?? Why wouldn’t everyone want to use AI to protect their critical systems?

Well in practice, AI has quite a few downfalls, especially in the infant stage it is contemporarily in.

Let's take a look at some shortcomings of AI:

  • AI is an expensive and time consuming alternative to traditional softwares, requiring exponentially more manpower and financial resources for its implementation

  • SInce AI is trained in data sets, it would require an enormous amount of data from malicious threats, safe occurrences, and anomalies/mistakes, that for many companies is simply out of the question to gather. This data also has to be from extremely reliable sources with absolutely no errors 

  • Erroneous data can lead to an erroneous AI system, pumping out false positives and completely incorrect information that may prove it hard for your business to create actionable security defenses 

  • AI is also used by malicious hackers which like ethical ones are updating and training their AI to complete more complex and detrimental attacks against businesses for their data and systems

  • Malicious hackers can also take advantage of existing AI systems within a business, training and molding them to their liking for large scale attacks. This also means the AI system would not alert administrators to potential attacks because the AI believes it is acting in the way it is supposed to.

  • Making AI the status quo for cybersecurity practices eliminate the careers and skill sets many within the industry make their livelihoods on, so while AI might accomplish some of these tasks faster than the human eye can blink, it would send millions of cybersecurity professionals to the office of unemployment

So as you can see, AI in cybersecurity might not be the best idea for maximum security practices, at least as of this moment. Although it can do some pretty fantastic things more efficiently than human comprehension can imagine, it can also lead to the downfall of the cybersecurity industry itself.

Even still the rise of AI in cybersecurity is set in stone.  According to data from Statista, Artificial Intelligence spending has gone from 700 million in 2016 to approximately 6.8 billion dollars in 2022. Not only that, but that number is predicted to increase by 63% in 2023. Businesses all over the world are turning to AI for securing their IT systems and assets, pouring ungodly amounts of money into developing the most efficient and intelligent AI security system. AI is on the come up whether you support it.

But like everything, there is debate over how and when to regulate AI. There is currently no legislation at the federal level and there are multiple bills being pondered at the state level regarding the safe use and application of AI, but there are multiple federal agencies that are beginning to develop and integrate AI into their security systems while promoting regulation within the businesses they work with.  Privacy is the most important factor in these regulations with the FDC and GAO emphasizing it within their AI regulation standards. It is the belief at Crest that AI should definitely be regulated, but because this is not just a United States issue, the federal government should not alone be responsible for its regulation. An international code and conduct with regards to implementing AI in security systems must be applied in order to ensure AI is being used ethically and safely within all countries, maximizing domestic and international security. 


AI beyond genocidal robots is quite a complex subject, but I hope this article gives you some more insight into the real world practicalities of Artificial Intelligence… 

now tell me,

are you for, or against the AI revolution in the Age of Information?

Ashad El
Previous

Cyber Awareness: Protect from Within
Next

National Security Intelligence