AI is transforming cybersecurity: How can security experts respond?

Remember the moment you first realized the internet was fundamentally changing almost everything? Neither do I. It happened incrementally. The arrival of artificial intelligence (AI) is very different. Like the internet, AI may well transform life and living as we know it today – but it’s doing so at lightning speed.

Think about it. As we stand on the brink of an AI-driven era, the impact of this technology on our lives and societal fabric is becoming increasingly profound. According to Gartner, “more than 80% of enterprises will have used generative AI APIs or deployed generative AI-enabled applications” by 2026. That’s right around the corner, a few months away.

Meanwhile, the global AI market is anticipated to grow 37.3% by 2030. ChatGPT reached 100 million active users last January within only 60 days of its original launch. Most of these users aren’t major organizations with big budgets. They’re small groups - potentially anyone with a phone or laptop. And more than a few are cybercriminals.

That’s right. Cybercriminals are beginning to weaponize generative AI for malicious purposes. That makes the issue top-of-mind for CISOs, CIOs, CTOs, and other leaders responsible for the cyber defence of nations, governmental agencies and private sector organizations across industries.

Historically, developing exploit programs required the resources of nation-states, but today's crimeware gangs are gaining more sophisticated capabilities than ever. Despite OpenAI's implementation of safeguards to prevent the dissemination of potentially harmful information, attackers continually discover new methods and tactics to evade these protections.

Through generative AI technologies, hackers create spear phishing emails with impeccable grammar, accurate logos and even login information in any language. They find, write and test exploits 10 times faster and do not require expert abilities to construct them.

Even before AI became a household term, cyber threats worldwide were escalating faster than our cyber defence capabilities. As the gap between these two grows larger, cyber resilience – our ability to manage cybersecurity risk – is weakening. We’re falling behind.

Now that AI has stepped onto the global stage, the race is on, and it’s urgent. Arguably, 2023 was the starting gate. On one side: the cybercriminals, from nation-state-sponsored groups to the ransomware community. On the other: CISOs and security leaders, and every member of their security operations teams.

Security operations analysts often wrestle with outdated technology, a firehose of data, multiple tools that don’t communicate with one another, and a constant blizzard of alerts that make it difficult to concentrate resources on the greatest risks.

AI can help change much of this. It can monitor network activity, identify anomalies and prioritize alerts. It can analyze large volumes of data, identify fraudulent or suspicious content and isolate threats. AI can also allow senior cybersecurity analysts to shift tasks to junior team members and focus on more strategic activities, like managing machine-to-machine conflict, coordinating damage control and directing tactical offensive operations.

Just as the internet has transformed our world, AI will upend cybersecurity. It has already started. As threat actors leverage AI to build stronger attack strategies and more lethal cyberweapons, we must be several steps ahead of them. To get there, our leaders across the public and private sectors must prioritise cybersecurity.

AI will change our life, if not our humanity. For cybersecurity teams like ours at Trellix and those of CISOs across the world, AI isn’t a new tool or even a new toolbox. It’s a transformational step change in weaponizing machines to mimic human intelligence and behaviour in order to either compromise digital networks and assets, or counter these attacks. It’s a new arms race. And it starts now.