Artificial Intelligence and Cybersecurity: What the future holds
The integration and use of software and technology solutions needs to be accompanied by relevant security measures. Cybersecurity is an ever-growing industry that is developing and evolving to protect individuals and organizations from cyber-attacks.
Artificial intelligence (AI) is slowly becoming an integral part of cybersecurity, helping organizations of different sizes and industries increase the efficiency of their cybersecurity. Information technology and telecommunications are some of the industries with the fastest and most advanced AI adoption process. Today, AI and machine learning algorithms are used to automate tasks, crunch data, improve cybersecurity, and make decisions at a humanly impossible speed.
The global market of AI in cybersecurity is expected to grow at a CAGR (Compound Annual Growth Rate) of 23.6% from 2020 to 2027, reaching $46.3 billion. According to the International Data Corporation (IDC), global cybersecurity spending will reach $174.7 billion in 2024, with security services being the largest and fastest-growing segment.
This will increase the importance of AI in cybersecurity and the fight against top security threats to look out for in 2022. However, the adoption of AI structures and platforms does not come without challenges, as 60% of the organizations that have incorporated AI recognized cybersecurity risks as the most prevalent ones.
The Integration of AI in Cybersecurity
Artificial intelligence is a crucial asset for organizations that use automation to increase productivity and efficacy of their processes. According to IBM, one crucial application that leverages AI more than any other today is data security or cybersecurity. As digital transformation increases rapidly, so does the number and sophistication of data breaches. AI can be a powerful tool in protecting against cyber-attacks.
The typical functions of AI in cybersecurity are: Detection:
Organizations use AI mainly to detect cyber threats. More than 50% of organizations that have implemented AI-based cybersecurity solutions use it for detection purposes. This is due to the unique capabilities of AI to identify irregular traffic through machine learning or deep learning.
Prediction:
A considerable number of organizations use AI to predict cyber threats. This is done by scanning through data (system logs, network traffic etc.) and making predictions based on the system’s training. Organizations that adopt AI for prediction purposes can also use the technology to identify critical vulnerabilities, automatically identify their assets and network topology, and continuously improve their network defenses against any potential cyber-attacks.
Response:
The AI forms of responding to cyber threats evolve continuously. Organizations can now use AI to detect attacks and stop them at the same time. They can automate the creation of a virtual patch for a detected threat or develop new protection mechanisms in real time. AI helps organizations lower costs, improve threat response time, and respond to breaches, regardless of the forms, modalities, or specific characteristics in which it is used.
The Challenges of AI in Cybersecurity
The integration of AI in cybersecurity systems does come with some drawbacks and limitations. The two most common ones are the use of AI by cybercriminals and adoption barriers.
The Use of AI by Cybercriminals
AI is a double-edged sword; it can be used as a powerful protective tool, as well as a powerful attacking mechanism. On the offensive side, malicious attackers can use AI to increase the precision and effectiveness of their attacks. Organizations that adopt AI into their cybersecurity systems are bound to specific regulations, which often limit the scope of their use. In contrast, cybercriminals have an unlimited playing field, making it easier for them to leverage the technology for harmful purposes.
One of the best-known program analysis techniques used by hackers is “fuzzing.” This is mostly used to find vulnerabilities in complex software. The main intention of this technique is to cause buffer overflows, crashes, memory errors, and exceptions and expose system weaknesses. The use of AI with this technique increases the precision and efficiency of the attack, thus creating a devastating threat.
AI can also be used with phishing attacks. AI-powered phishing has an increased speed of navigating sensitive data and reduced traffic. This helps cybercriminals extract only the necessary information and make the malware harder to detect. Organizations must apply AI in similar ways to be one step ahead of the cybercriminals and identify any gaps before the attackers take advantage of them.
Adoption Barriers
Considering that AI represents a new industry, organizations need to invest considerable money and time in computing power, memory, and data centers to be able to build and maintain AI systems. However, the as the technology advances, the costs decrease, making quality servers more affordable.
The integration of AI in cybersecurity is becoming indispensable for organizations. However, the main roadblocks which slow down its adoption and deployment are talent acquisition, data complexity, and the employment of proper AI tools. Its time for organizations to invest in talent and tools needed for proper adoption of AI within the cybersecurity space.
The Future of Cybersecurity: A Growing Skills Gap
An organization implementing strong defenses against cyber-attacks need a skilled and experienced cybersecurity workforce, which is not easy to find, considering the large demand. The number of individuals interested in taking courses in cybersecurity is increasing. This trend is expected to grow even more in the future, as the demand is much higher than the supply.
If left unattended, cyber-attacks will continually increase and become more dangerous. This can be prevented by making continual significant investment in people. This can be done by hiring cybersecurity experts or by training employees on the integration of AI in cybersecurity systems. Organizations in Zimbabwe and across the globe need to start investing in AI to enhance their cybersecurity capabilities.
To find out more contact Tonderai Makumborenga, Cybersecurity Consultant on:
Email: tonderai.makumborenga@zw.ey.com or eymarketing@ zw.ey.com
Address: Angwa City Building, Corner Julius Nyerere Way/ Kwame Nkrumah Avenue. P O Box 62, Harare, Zimbabwe.
Tel: +263 4 750905/ 750979
This article was compiled by EY as a source of general information and notification and should not be construed as a formal professional/legal opinion. Although reasonable skill and care is taken when providing information, EY offer no warranties or representations as to the information’s accuracy. The information provided is not intended to replace the need for an expert/ legal opinion on interpretation, application and consequences of the relevant legal, technical or regulatory provisions. E Y does not accept responsibility for any loss or damage you or any third party may suffer as a result of utilising the information provided.