The Opportunities and Risks of AI in Cybersecurity
IBM (International Business Machines) Corporation recently reported 90% of the data circulating in the world today was created in the last two years alone, with approximately 2.5 quintillion bytes being added to that every single day.1 With that much, often confidential, data being produced, what is being done to protect it?
“Cybercrime, by definition, is the greatest threat to every profession, every industry, and every company in the world.” – this is what IBM Chairperson and President, Ginni Rometty, had to say at the New York Security Summit in 2015. Her prophecy came true when Cybersecurity Ventures released a report estimating cybercrime damages will cost the world $6 trillion every year by the time we reach 2021.2
What is cybercrime?
A cybercrime, cyber threat or cyber attack is an illegal activity involving a computer or a network-connected device like an iPad or cell phone. The cyber attacker or cyber hacker may have the intention of gaining access to a network, stealing confidential data, using the computer as an accessory to a crime, or downloading software to a person’s device without their knowledge.
The different types of cyber hacking include:
What is cybersecurity?
Cybersecurity should inform a large part of all business processes. It is a practice concerned with the confidentiality and availability of information (such as data), as well as the protection of that information. Cybersecurity can also be concerned with information recovery due to power outages, cyber hacking, cyber attacks or accidental deletions. Cyber protection can be practiced on a small to very large scale depending on whether you’re dealing with an amateur cyber hacker or a dangerous criminal group. As we work our way through the 21st century, it’s imperative for every business, whether they’re a small enterprise or a large corporation, to have a cyber protection leadership plan in place.
Want to learn how to develop your own cybersecurity leadership plan?
Study the Cybersecurity: Managing Risk in the Information Age online short course
The good news is the emergence of using artificial intelligence (AI) to combat cyber attacks could reinforce and improve cyber protection strategies – leading to businesses saving a lot of money. Artificial intelligence brings with it the possibility of finding anomalies, malicious software, and attack vectors – automatically and in real time.
However, as more people learn to utilize the benefits of AI, others are learning to exploit it in aiding cyber attacks. Harold Moss, Senior Director of Strategy and Business Development at Akamai Technologies, and a Guest Expert on the Cybersecurity: Managing Risk in the Information Age online short course from Harvard’s Office of the Vice Provost for Advances in Learning, in association with HarvardX, describes cyber threats like this:
“It’s almost like kidnappers – kidnappers watch where people go, and then they say ‘okay, I know this is a point where you’re going to be vulnerable, that’s where I’m going to get you’. Cyber hackers are no different.”
How AI is being used in cyber threats and cyber hacking
Two Data Scientists from a social media security and digital risk monitoring firm called ZeroFOX recently performed a study on Twitter to determine who had a higher success rate of getting users to click on malicious links: humans or artificial intelligence.3 The verdict? AI, and by a long shot. AI systems have led to more automated and sophisticated social engineering cyber hacking, with a first-of-its-kind malware emerging in early 2017.
In 2016, a global hacking event was held in Las Vegas: the DARPA-sponsored Cyber Grand Challenge. Here seven competitors designed machines to cyber hack other machines with the hope of taking home $2 million as prize money. Each machine tried to find various ways to exploit software and then fix the damage they made so other competitors could not copy their tactics. The winning machine named ‘Mayhem’ is kept in the Smithsonian National Museum of American History.
Last year, the same kind of artificial intelligence technology was detected by cybersecurity firm, Darktrace Incorporated in a cyber attack that occurred in India. What the malware managed to do was use AI to figure out normal user behavior patterns used in the network; mimic the behavior of the network, systems and the users of the system; and then hide in the background making it difficult to detect. Although the cyber attack was detected in the early stages, according to Chief Executive of Darktrace, Nicole Eagan, this is just the beginning – these are just the early signs of machine learning and artificial intelligence being used to attempt (and soon succeed at committing) cybercrimes.4
In a survey completed by Webroot IT Security Company, 91% of the IT Security Professionals who took the survey said they’re concerned about hackers using AI to commit cyberattacks. On the other side of the coin, 99% said AI will improve an organization’s cybersecurity.5
How AI is revolutionizing cybersecurity, risk management, and cyber protection
In 2016, the White House Office of Science and Technology Policy (OSTP) released a report entitled Preparing for the Future of Artificial Intelligence. In this report, suggestions were made regarding the use of AI in regulation, public outreach, uses in federal government, and the use of artificial intelligence in both weapon systems and cybersecurity. Under the chapter dedicated to the discussion of AI and cybersecurity, the report states the future of AI could include anticipating future cyber attacks by using predictive analytics. This will be done by establishing cyber threat models taken from continually-changing data sources. The type of data could include:
- links
- networks
- architecture protocols
- the state of network nodes
AI will possibly be the most effective tool for interpreting this data to continually identify present vulnerabilities and to consequently, take action to counterattack and prevent attacks in the future.6 Just two years on and we’re already seeing the use of AI at cybersecurity firms to improve issues like risk management, and to detect anomalies, network cyber attacks, and malicious applications or software.
New AI algorithms use machine learning to adapt over time. The latest updates to malware and other cyber attacks have become difficult to detect using traditional cybersecurity methods. As threats evolve, so should the cybersecurity systems, as well as the individuals responsible for deploying these systems. By implementing the use of AI, cybersecurity professionals will be able to free up a lot of their time to develop and improve current cybersecurity strategies. Chris Ganje, CEO and Co-founder of Amplyfi – a company offering products harnessing artificial intelligence and offering corporate strategic thinking says:7
“In cyber security, AI can automatically identify potentially malicious software behaviour, attack vectors and related anomalies in real time, allowing a continuously adaptive defence mechanism to identify and shut down intrusions faster and easier than ever before. This technological advancement not only significantly reduces the number of cyber security breaches, but also empowers analysts to better focus their time and speeds up the process to identify breaches from hundreds of days to mere hours.”
Five Cybersecurity companies utilizing AI
- SparkCognition
This US-based company creates artificial intelligence solutions to problems related to defense and cybersecurity. In August, SparkCognition launched DeepArmor, an antivirus product using AI to identify mutating viruses and detect new malware approaches. - Cylance
CEO, Stuart McClure recently announced a new product called CylanceOPTICS which will use artificial intelligence to understand how cyber attacks gain access to the device in order for companies to determine where the gaps are in their cybersecurity.8 - RazorSecure
Based in the UK, this cybersecurity company for aviation, automotive and rail has capitalised on the use of AI with a focus on understanding how to use deep learning for causation and detection. CEO, Alex Cowan says a large part of their focus in using AI is to understand why cyber crimes and cyber attacks occur instead of simply counter-attacking and moving on.9 - Appthority
This company focuses on mobile cybersecurity and uses artificial intelligence by providing customers with a platform to automatically detect and grade suspicious behaviour like malware, intellectual property exposure, and corporate data security breaches.10 - BehavioSec
This behavioral biometric company monitors end-users’ keystrokes and mouse movements to create digital fingerprints. This form of cybersecurity ensures continuous authentication, makes it easier to detect anomalies, verifies customers, and prevents cyberattacks and fraud. The artificial intelligence technology can be deployed on a cloud-based system or on-site.11
Although the emergence of artificial intelligence in the field of cybersecurity is being predicted by many to become a double-edged sword, having a continually-evolving understanding of cybersecurity, risk management and current cyber hacking trends, is imperative to distinguish the vulnerabilities of your organization. By 2021, there are estimated to be an astounding 3.5 million unfilled cybersecurity positions worldwide, making the need for working professionals with expertise in cyber protection more in demand than ever before.12
Learn how to utilize AI in your organization’s cybersecurity strategies
Register now for the Cybersecurity: Managing Risk in the Information Age online short course