News & Insights

AI: Friend or Foe? How artificial intelligence is changing the cybersecurity landscape

Rachael Simpson

Read Time Mins

Artificial intelligence (AI) has made significant strides in many fields, but its impact on cybersecurity is particularly transformative. Our Chief Information Security Officer (CISO) at BlackDice, Paul Jenkins, recently shared insights on how AI is reshaping the cybersecurity landscape in a webinar hosted by the Education & Training Foundation (ETF), and aimed at teachers delivering cyber qualifications.

This blog explores the key points from his presentation, offering a comprehensive look at how AI is both enhancing, and challenging, our security frameworks.

First, let’s define what we mean by AI in cybersecurity

When discussing AI in the context of cybersecurity, we predominantly refer to machine learning (ML). ML is a subset of AI that trains algorithms to learn from data, recognise patterns, and make decisions with minimal human intervention.

Generative AI, a more recent development, leverages ML for data processing and pattern matching, creating coherent outputs based on context and instructions. This capability is widely seen in tools like OpenAI’s ChatGPT and Google’s Gemini project.

AI as a defensive tool

AI has become integral to modern cybersecurity defences, and is being used in various ways:

 

 

 

The dual use of AI

AI in the context of cybersecurity, can be viewed as something of a double-edged sword. This is because, while it enhances defence mechanisms, it’s also exploited by cybercriminals, and believe me when I say, the types are vast and are increasing in frequency every day.

Some of the most prevalent ways that cyber criminals exploit AI include:

 

 

AI systems as attack vectors

AI systems themselves are even potential targets. Prompt injection attacks, for instance, manipulate AI model outputs, particularly those relying on natural language processing (NLP). These attacks can cause models to behave unpredictably, generating harmful or misleading responses. To counter this, explainable AI (XAI) aims to make AI models more understandable and their decisions more transparent.

The arms race: AI vs. AI

In cybersecurity, we see an ongoing ‘arms race’ where both attackers and defenders use AI to outsmart each other. Cybercriminals enhance their tactics with AI, while defenders use AI for automated threat detection, monitoring network traffic, and recognising malicious behaviour. This continuous cycle of attack and defense pushes the boundaries of cybersecurity technologies, and fuels continuous innovation in our field.

Ethical considerations

Understandably, AI’s use in cybersecurity raises several ethical issues. For instance, bias in AI systems can lead to unfair targeting or overlooking threats. The collection of large datasets for AI training must balance respect for individuals’ privacy rights with regulatory compliance. Moreover, there is a risk of job displacement due to AI automation, necessitating reskilling and upskilling opportunities.

 

Despite these challenges, AI’s future in cybersecurity is promising… here’s why:

  • Enhanced threat detection and response: AI systems will become more sophisticated in identifying and neutralising threats quickly
  • Predictive capabilities: AI will advance to predict cyber-attacks before they occur, shifting security strategies from reactive to proactive
  • Integration with emerging technologies: AI will integrate with blockchain, IoT, and quantum computing, creating more robust security systems
  • Collaboration and information sharing: AI will facilitate real-time sharing of threat intelligence, enhancing coordinated responses to large-scale attacks

Final thoughts

AI is set to play a central role in the future of cybersecurity, helping organisations stay ahead of increasingly sophisticated threats. While there are challenges, the continuous evolution and improvement of AI technologies promise a more secure digital landscape.