In this blog, our team of experts have put their heads together to profile the double-edged sword that is AI in cybersecurity, exploring both the challenges and possibilities it opens up.

Share this Blog post

The artificial intelligence in the cybersecurity market was valued at 22.4 billion USD in 2023 and is expected to reach 60.6 billion by 2028.

From changes in job roles to increased cyber threat levels for businesses, it’s safe to say that advancements in AI have taken the digital sector by storm. Much more than just a fad that will ‘die down’ or get assimilated into regular workflows, AI is impacting businesses from both ends as a threat and a support, and will continue to do so for the foreseeable future.

What does AI mean for cybersecurity?

Whether we like it or not, artificial intelligence has well and truly begun to change the cybersecurity landscape at all levels. Key players, from cybersecurity professionals to businesses and consumers, are already being impacted by the capabilities of AI too.

But is AI a blessing or a curse for cybersecurity? 

Just as the integration of AI is capable of producing some incredible opportunities for cybersecurity, it also has the potential to cause a great deal of harm, boasting both defensive and offensive abilities (based on its application). These two strands — what we’re calling the ‘opportunities’ and ‘challenges’ — contain many different examples as explored below.

Cybersecurity challenges posed by AI

As technology gets increasingly sophisticated and ‘capable’, owing to the advancements that come with AI, so too do the methods and attempts of cybercriminals. Gone are the days of wishful social engineering and opportunistic hacking. Now, more than ever before, cybercrime has been able to develop into a far more repetitive, targeted, and persistent activity — and with greater success rates too.

Let’s confront exactly which new threats artificial intelligence poses to businesses and the wider world of cybersecurity at large.

Elevation of traditional cybercrime methods 

In recent years, AI has started to be used by cybercriminals in conjunction with their existing, more traditional methods. As an example, the fusion of AI with a traditional tool like a USB stick allows these outdated cybercrime methods to resurface with new impact, distributing malware in targeted attacks. 

New methods: The malicious use of generative AI

a person typing with an AI chat bot on a laptopp

You may well have seen tools like ChatGPT or DALL-E advertised online or in your newsfeed recently. These viral applications are examples of what’s known as ‘Generative AI’ — that is, tools which produce content or visual content instantly based on prompts and information given to them. 

When used for good, generative AI technology is seriously impressive and can significantly reduce human labour, cutting down, for example, the time taken for an employee to write an email or a piece of code. 

However, in the hands of cybercriminals, this technology can be used for ill intent, such as:

  • Writing and sending phishing emails 
  • Keystroke monitoring malware
  • Forging images or making scams appear more convincing
  • Producing ransomware code

This means that it will be much harder for human employees to distinguish the difference between a regular email and a scam or phishing email as they will become more credible and seem more legitimate. 

Deep fakes & social engineering

Generative AI has also been used to create ‘deep fakes’ and impersonate individuals on the internet to gain access to confidential or sensitive information. 

Deep fakes are usually videos of a person that have been digitally altered so that they appear to be someone else, often used maliciously. This technology has been used by cybercriminals as a digital form of social engineering.

Machine learning to target data 

AI operates via something called ‘machine learning’, one of the reasons why it is so successful and able to evolve and grow at such an alarming rate. Machine learning refers to the use of data and algorithms to imitate how humans learn — from patterns and anomalies — to get more and more accurate.

When harnessed by cyber criminals, this type of AI can be trained to spot weaknesses in systems, identify patterns in networks, and target specific data, gaining access to places they wouldn't have been able to infiltrate with regular, manual methods.

Automated cybercrime  

One of the core benefits of AI is its ability to reduce workload for humans — cutting task time in half and preventing workers from having to do mundane, repetitive tasks manually. When it comes to cyber crime, the same applies. Thanks to core AI features such as automation, the creation of targeted, persistent, cyber attacks are much easier and have a much higher success rate. 

A person typing with illuminated strokes across their laptop keyboard

Increased need for funding in cybersecurity strategy 

All of the examples above illustrate perfectly the need for increased investment in IT security. It’s a basic principle: when the threat gets tougher, your defence has to level up as well. 

This may come as a challenge for many businesses who are already spending a considerable amount on their cybersecurity strategies, or those who are going through tough times at the moment. Budgets will need to be rethought out to make scope for things like cybersecurity training for staff, greater investment in security, and perhaps even working with a managed service provider to ensure maximum levels of security. 

Putting all that together, it becomes clear that AI poses a very real and expensive threat to cybersecurity. 

AI & cybersecurity: The opportunities

But it isn’t all doom and gloom, though.

On the other side of the same coin, AI’s integration into cybersecurity has produced some really exciting opportunities for consumers, IT professionals, and businesses across the world. Just as much as AI’s time-saving, data-handling, and automating capabilities can be used for bad, they can also be harnessed for positive results.

Malware detection

Malware is usually detected by traditional antivirus software which relies on signature-based detection to identify variants of malware. While this method is highly effective, it only works on malware that is already known and listed on the database. So, should a modified malware variant be created, with this method, it could easily evade detection. 

However, AI uses machine learning to help detect — and respond to — both known and unknown malware threats. Thanks to AI’s ability to analyse vast quantities of data in a short period of time, patterns and anomalies (otherwise extremely difficult for humans to identify) can be spotted quickly.

In essence, then, AI allows us to defend our systems against threats we may not even know exist until they've been deflected.

Phishing detection 

Similarly, the common cyber attack tactic known as ‘phishing’ can be handled much more effectively and thoroughly by AI. 

Traditionally, phishing detection relied upon rule-based filtering to block any emails from known phishing sources. However, this is quite a reactive response. With AI, machine learning can be used to analyse the content and format of emails and quickly identify any emails likely to be part of a phishing attempt. 

Enhanced network protection  

AI algorithms can also be trained to monitor networks - keeping a close eye out for any suspicious activity; this can be anything from unauthorised devices to unusual traffic patterns.

As part of its machine learning capabilities, AI can quickly analyse historical data from the network and gain a sense of what constitutes ‘normal’. From here, it is able to instantly flag when anomalous behaviour arises (EG: traffic from a suspicious IP address or unusual port of protocol usage).

Endpoint security

As our last example, AI is able to improve endpoint security levels through smart learning and detection. Devices known as endpoints (laptops, smartphones, tablets) are often the target of criminal cyber activity. Should a device on your system become infected with malware, AI can detect this and quarantine any suspicious files.

What's more, AI-based endpoint security is also capable of blocking unauthorised access attempts to these devices, preventing malicious individuals from gaining access to any sensitive or confidential data that may be stored there.

All of the examples above demonstrate how malleable AI can be when applied to a cybersecurity context, strengthening defence systems and even learning while doing so to constantly improve in the future.

Changing job specs

Another one of the core opportunities facilitated by AI’s integration into the cybersecurity realm is job specifications. We’ve already mentioned how, in order for IT professionals to keep up with this new technology, more research, testing, and training will need to be done. However, this can be seen as an exciting opportunity as opposed to a difficult undertaking.

IT security teams will have to do far less of the heavy lifting thanks to AI and the automation of mundane, repetitive tasks. Instead of focusing their efforts on constant monitoring and data analysis, AI can do this for them, freeing them up to apply this brain power, time, and energy elsewhere in more important tasks at higher levels. 

AI & cybersecurity: The verdict

To risk stating the obvious, artificial intelligence has some impressive applications that get results unlike anything seen before in the digital sphere. The question we must ask ourselves remains: to what end.

While, in the hands of enthusiastic IT professionals, AI is capable of propelling industry forward and making great strides when it comes to efficiency, in the wrong hands, and if put to use for malicious intent, AI is just as capable of causing chaos.

The core things to remember are as follows:

  • Like any new form of technology, AI brings with it a whole host of new challenges for cybersecurity professionals and should be regarded seriously. 
  • But, on the other hand, advancements in AI have the potential to facilitate some of the most significant improvements in cybersecurity (technology and the industry) that we have seen for a very long time. 
  • The more AI’s varying impact on cybersecurity is understood, the better.

Keep your cybersecurity strong

If you have any questions about AI and cybersecurity, get in touch with our team of experts who can point you in the right direction. If you know your business needs to up its cybersecurity strategy, ITRM’s IT security offering can help you too.

In the meantime, keep your finger on the pulse of AI and cybersecurity by following the ITRM blog.

Share this Blog post

Related Articles

5 Reasons Why Small Businesses Need IT Support

5 Reasons Why Small Businesses Need IT Support

For many small business owners, managed IT support is often misunderstood as a luxury only larger companies can afford. For that reason, most small businesses and startups fail to see the value in outsourcing IT support services. However, this blog will detail the reasons why that shouldn’t be the case.

10th January 2022
Why Managed IT Support Needs to be a Priority in Education

Why Managed IT Support Needs to be a Priority in Education

In recent years, the education system has undergone a vast number of changes, becoming increasingly digitalised before our very eyes.

23rd December 2021
Visit our blog for more articles like these

Your privacy

By clicking “Accept all cookies”, you agree ITRM can store cookies on your device and disclose information in accordance with our Cookie Policy.

Cookie Settings

When you visit any of our websites, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and manage your preferences. Please note, blocking some types of cookies may impact your experience of the site and the services we are able to offer.