Three ways Artificial Intelligence will impact Cyber Security.
Lately, Artificial Intelligence (AI) seems to be everywhere. Of course, we technology professionals have been talking the talk about AI for years. However, since the launch of ChatGPT in late 2022, discussions about AI and its possible applications (and ramifications) have dominated mainstream conversations.
We know that AI is changing a lot of things. Cyber security strategy and response is not exempt.
On the positive side, it’s helping organisations to stay one step ahead of cyber attackers and improve their overall security posture. We’ve seen response time to cyber incidents reduced to mere minutes, from days.
That’s great news at a time when cyber attacks are increasing exponentially, and it’s virtually impossible to ward them all off with traditional cyber defences. However, the overall impact of AI on cyber security is something of a mixed bag (but leaning towards positive).
Consider the following as general principles:
- AI is undeniably benefiting cyber criminals. In years gone by, cyber attackers needed to have at least a basic level of skill, proficiency and information to launch a sophisticated cyber attack. Unfortunately, AI has democratised much of this, meaning virtually anyone with the will and curiosity can become a cyber criminal.
A great example of this is the Common Vulnerabilities and Exposure (CVE) database. This is an essential list of publicly known information about cyber security vulnerabilities and exposures that helps cyber security firms to monitor and evaluate key software packages, and develop patches, fixes and other responses.
Unfortunately, because it’s publicly available, cyber criminals also have access to the CVE database. In the past it would typically take around three to four days to exploit reported vulnerabilities from the time they were first reported. With attackers harnessing the power of AI to collect and process this information, these days we’re seeing first attacks happen within 20 minutes of vulnerabilities being reported. It’s scary stuff.
- Thankfully, AI is also benefiting defenders in equal measure. For many organisations, AI can be used as a force multiplier – an essential tool in the kit to overcome the current cyber security skills shortage and ward off the bad guys. One obvious example of this is that AI can be used to gather recommendations about relevant CVEs for your organisation in real time, however that’s just a starting point.
We’re seeing certain flavours of AI emerge that are incredibly useful to defenders, because they remove much of the human element from security monitoring and posture considerations, including identification and containment of threats. We also know that AI can be used to co-ordinate major incident response and take certain corrective actions, such as collecting evidence and co-ordinating across multiple teams of security experts.
AI and machine learning (ML) technologies are also critical components of best-practice security information and event management (SIEM) platforms, providing real-time visibility to key stakeholders across the organisation in the case of a cyber event or breach: what’s been done, what’s happening next and so on.
- AI is going to work best for you with the help of an expert partner. Yes, some are calling AI a “superpower” when it comes to cyber security defence; and we think that’s somewhat true. However, it’s also true that every superhero has help – someone behind the scenes who helps with strategy, gadgets and other essential support. Some superheroes even work in teams, and that’s an unbeatable combination.
Consider Microsoft Security Copilot – the only security AI product that combines a specialised language model with security specific capabilities. It’s an amazing tool that provides a lot of context around the infrastructure entities in your environment. When it’s trained by an expert pair of hands, that information can be used to support analysts who may not be highly skilled in cyber security, allowing them to build very sophisticated threat hunting models.
The overall point to make is that AI is a tool – but not the complete solution. The right managed service provider will bring the right skills and experience to the mix, so you can build powerful, AI-enhanced defences that are customised for your organisation and environment.
Interested in harnessing the possibilities of AI in your cyber security mix?
If you need some help to better understand how technologies such as AI are impacting cyber security strategy, Macquarie Cloud Services can help. We’ve been at the frontline of cyber security response in Australia for more than 30 years. Our managed services are provided by some of the most skilled cyber security professionals in the country, from one of the most technologically advanced SOCs in the world. This includes more than 200 staff cleared by the Australian Federal Government to manage classified government data, and we’ve been doing that for more than a decade.
We’d love to discuss working together to harness the power of AI to optimise your cyber security strategy. Contact us on 1800 004 943 or email email@example.com to find out more.