The Future of AI in Cybersecurity
With the ever-increasing power of AI comes the need for cybersecurity professionals to adopt generative AI and tackle the complexities that arise. As adversaries continuously evolve their tactics and combine social engineering with AI, many leading companies have been humbled in recent times. To gain insights into the future of AI in cybersecurity, VentureBeat conducted interviews with 16 cybersecurity leaders from 13 companies. Here are their predictions for 2024:
The Importance of Collaboration
According to these leaders, establishing a strong collaboration between AI and cybersecurity professionals is crucial. Despite the advancements in AI, human insight is still essential to unleash its full potential against cyberattacks. As Michael Sherwood, the chief innovation and technology officer for the city of Las Vegas, stated in an interview with VentureBeat, “The combination of human insight and intelligence with AI identifies and crushes breaches before they grow.” This notion is further supported by MITRE MDR stress tests, which have quantifiably proven the value of human-AI collaboration.
Gen AI’s Impact on Cybersecurity
“It could improve by the ability to pick up patterns (like attack patterns or an emerging CVE or just certain behaviors that indicate an attempted breach or even predicting that the L3 DDoS attack is a distraction for the credential stuffing they are missing). I also think that AI will make it more difficult, too. Detectors can’t tell the difference between a human-generated and AI-generated phishing attack, so they’ll get much better.” – Peter Silva, Ericom, Cybersecurity Unit of Cradlepoint
“In 2024, CrowdStrike expects that threat actors will shift their attention to AI systems as the newest threat vector to target organizations through vulnerabilities in sanctioned AI deployments and blind spots from employees’ unsanctioned use of AI tools.” – Elia Zaitsev, CTO CrowdStrike
According to Elia Zaitsev, organizations are still in the early stages of understanding threat models around their AI deployments and monitoring unsanctioned AI tools introduced by employees. These blind spots and new technologies create opportunities for threat actors to infiltrate networks and access sensitive data. The use of new AI tools without oversight can also lead to data protection risks and unauthorized sharing of corporate data. Zaitsev emphasizes the need for organizations to assess their risk posture, create guidelines, and ensure secure and auditable AI usage in order to minimize company risk and maximize value.
“Gen AI will be a net positive for security, but with a large caveat: It could make security teams dangerously complacent. I fear that an overreliance on AI could lead to a lack of supervision in an organization’s security operations, which could easily create gaps in the attack surface.” – Rob Gurzeev, CEO, CyCognito
Rob Gurzeev cautions against the assumption that AI alone can handle all security operations without human insight. He warns about the dangers of complacency and emphasizes the importance of maintaining a balance between AI and human supervision in security operations.
“Critical infrastructure has always been a prime target for malicious actors. However, gen AI lowers the bar by enabling less experienced malicious actors to generate malware, initiate sophisticated phishing attacks, and perform automated penetration testing.” – Jason Urso, CTO, Honeywell Connected Enterprise
Jason Urso highlights the potential for gen AI to enable less experienced malicious actors to carry out attacks on critical infrastructure. He predicts that gen AI will be used for closed-loop operational technology (OT) defense, dynamically altering security configurations and firewall rules in response to changes in the threat landscape.
“2024 will spark more anxiety among workers about the impact of AI on their careers. Business leaders need to be clear and transparent with workers on how they plan to implement AI so that they retain talented employees – because reliable AI requires human oversight.” – Srinivas Mukkamala, Chief Product Officer, Ivanti
Srinivas Mukkamala points out that the increasing use of AI in the workplace may cause anxiety among workers about the potential job displacement. It is crucial for business leaders to communicate effectively with their employees about AI implementation and emphasize the need for human oversight.
“Right now, security analysts have to be this kind of unicorn, able to understand not only how the attackers might get in but also how to set up complex automation and queries that are highly performant over high volumes of data. Now gen AI will make it possible to interact with data more easily.” – Matt Kraning, CTO of Cortex, Palo Alto Networks
As Matt Kraning suggests, gen AI can simplify the work of security analysts by making it easier to interact with and analyze large volumes of data. This will help streamline threat detection and response processes.
“Fraudsters are using gen AI to scale up their attacks. In 2024, I believe the ability of consumers to easily decipher legitimate from fraudulent emails and texts will nearly be erased. This will accelerate the actions that businesses are taking to bolster defenses.” – Christophe Van de Weyer, CEO, at Telesign
Christophe Van de Weyer warns about the increasing use of gen AI by fraudsters to create highly realistic phishing messages. This will make it more challenging for consumers to differentiate between legitimate and fraudulent communications. Businesses will need to enhance their defenses to mitigate the risks posed by these advanced phishing attacks.
“Whilst trying to avoid a lot of the guff around AI, the technology is ideally suited to solve some of the security industry’s most difficult problems around threat detection, triage, and response. As a result, in 2024, we’ll see AI transform the necessary skills required of CISOs once again.” – Rob Robinson, Head of Telstra Purple EMEA
Rob Robinson believes that AI is well-positioned to address complex challenges in threat detection, triage, and response. As a result, the role of chief information security officers (CISOs) will evolve to incorporate AI-related skills and expertise.
