Why AI is the key to cutting-edge cybersecurity

Image shows electronic display to illustrate the growing importance of AI in cybersecurity

AI is set to play a vital role in protecting against and detecting cybersecurity threats Image: Unsplash/Adi Goldstein

Santeri Kangas
Our Impact
What's the World Economic Forum doing to accelerate action on Cybersecurity?
The Big Picture
Explore and monitor how Cybersecurity is affecting economies, industries and global issues
A hand holding a looking glass by a lake
Crowdsource Innovation
Get involved with our crowdsourced digital platform to deliver impact at scale
Stay up to date:


Listen to the article

  • The global cybersecurity threat landscape is changing, and internet users now face ever-evolving threats to their data and privacy.
  • There are massive, largely automated botnets infecting consumer devices and social engineering or phishing attacks that try to fool users into giving away their money and data.
  • Artificial intelligence is now the latest weapon in the cyber security armory.

To understand why artificial intelligence (AI) is a vital tool in today’s and tomorrow’s cybersecurity kit, we have to understand how the threat landscape is evolving and what threats internet users face on a daily basis.


What is the Forum doing to avert a cyber pandemic?

The evolving threat landscape

The global threat landscape is changing. Internet consumers now face very different threats. On the one side, there are massive, largely automated botnets infecting consumer devices. On the other, there are social engineering (or phishing) attacks that try to fool users into giving away their money and data.

According to our researchers, the botnet threat landscape is growing in scale: device adoption data of about 1.7 billion connected devices in North America shows that many Internet of Things (IoT) devices are growing in popularity. Of these, IP cameras and network attached storage (NAS) devices have a particularly worrying threat profile, as malicious actors target them more often than other devices.

At the same time, mobile devices (phones, tablets, and smartwatches) remain the most popular group of devices and face a different threat profile. CUJO AI’s security data shows how close to 60% of all threats to mobile devices are related to unsafe browsing: millions of devices are accessing malware distribution, spam, and spyware sites. Alarmingly, around 20% of mobile browsing threats stem from phishing activities – one of the most difficult threats to counter due to the short-lived nature of phishing websites.


Countering cybersecurity threats with AI today

In the past, security solutions were predominantly reactive: a new malware sample would be found, analysed and added to malware lists by researchers at cybersecurity companies. The industry still uses this approach, but it’s acting more proactively, especially with regard to social engineering threats.

Machine learning or AI algorithms play a key role in this shift. While they are not a one-stop solution for all cybersecurity concerns, they are incredibly useful for rapidly automating decision-making processes and inferring patterns from incomplete or changed data. These algorithms work by first learning from real-world data, such as existing security threats and false positives, as well as the newest threats found by researchers worldwide.

Rule based vs. machine-learning based methods of ensuring cybersecurity
Rule based vs. machine-learning based methods of ensuring cybersecurity Image: CUJO AI

AI algorithms are pattern-detection machines with a significant edge over legacy list-based security systems. AI enhances and surpasses these systems by detecting novel threats that exhibit suspicious patterns. The learning process to reach this stage of AI proficiency is substantial and only achievable with robust data sources for each threat vector.

Machine learning systems are not magical and can make mistakes. Still, once the algorithms have a sufficiently minuscule margin of error, they become indispensable in online security as the rapid decision-making process reduces user friction and does not negatively impact the user experience. This is key for enhanced cybersecurity at scale and is a welcome side-effect of using AI in cybersecurity. It not only improves security but also covers a large area in the threat landscape.

AI algorithms can prevent some novel threats due to their nature: security threats, malware and adversarial tactics usually evolve by building on previous exploitations and malware. Comparatively few truly novel threats appear every year: most malicious actors are not so many developers as users of malware-as-a-service suites or tweakers of existing, leaked malicious codes. Our researchers have exposed this in a recent study of the Sysrv botnet’s evolution, where most new strains of the malware were combinations and re-combinations of other existing malicious codes.

Since these linearly evolving threats are often capable of avoiding standard anti-malware detection, AI is a useful tool for enhancing global cybersecurity. Simple tweaks are seldom enough to beat these algorithms.

In our own experience, adopting AI algorithms to enhance the protection of tens of millions of homes was a resounding success. We have successfully teamed the best practices from existing cybersecurity solutions with advances in machine learning to produce an extremely low-friction security solution that enables network operators to protect their consumers. At CUJO AI’s scale, AI helps us prevent around 10,000 threats every minute.

Countering cybersecurity threats with AI tomorrow

Perhaps the most exciting and one of the most valuable achievements in AI cybersecurity is the possibility to alert users before they access suspicious websites, including phishing sites. Since social engineering attacks usually result in the most damage and loss of privacy and finances for consumers, using AI to prevent novel attacks before they appear on industry databases is extremely important.

Looking forward, cloud-based AI-driven cybersecurity also has a key feature that goes beyond standard antiviruses and firewalls, as they can be deployed on the router to enhance the protection of all devices on a given network. This is extremely important as our data shows that around 50% of all connected devices are not capable of running antivirus software.

The future of consumer cybersecurity is unimaginable without AI, especially when we consider the scale and threat of social engineering and IoT malware.

Have you read?
Don't miss any update on this topic

Create a free account and access your personalized content collection with our latest publications and analyses.

Sign up for free

License and Republishing

World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.

The views expressed in this article are those of the author alone and not the World Economic Forum.

World Economic Forum logo
Global Agenda

The Agenda Weekly

A weekly update of the most important issues driving the global agenda

Subscribe today

You can unsubscribe at any time using the link in our emails. For more details, review our privacy policy.

Paris Olympics 2024: Cybersecurity experts sound the alarm on cyber threats

Spencer Feingold

June 13, 2024

About Us



Partners & Members

  • Join Us

Language Editions

Privacy Policy & Terms of Service

© 2024 World Economic Forum