
The integration of artificial intelligence (AI) technologies is necessitating a significant shift in business cybersecurity protocols. The evolving landscape of cyber threats is becoming increasingly complex due to the swift adoption of AI. Previously, successful cyberattacks required substantial planning and advanced technical proficiency, but AI has streamlined the process, decreasing the entry-level threshold for novice cyber threats.
AI has revolutionized the modus operandi of experienced cyber attackers, offering them speed and efficiency. Furthermore, it has also armed less skilled individuals with new capabilities. Vladislav Tushkanov, group manager at an AI technology research center, explains that AI technology allows both skilled and unskilled individuals to expedite their operations. Novice cyber attackers, who were previously required to spend extensive amounts of time learning programming, can now efficiently execute cyber threats.
AI is being employed to create sophisticated phishing emails, imitated voices, images, and videos that are convincing and challenging to identify. Deepfakes have become an emerging hazard in the corporate world. An engineering firm in the UK reportedly suffered a loss of approximately US$25 million in 2024 when an employee was tricked into transferring funds due to a deepfake video call.
AI’s capabilities extend beyond deepfakes and can support various stages of cyberattacks, such as reconnaissance, message customization, and evading detection by security systems.
According to recent research, 72% of businesses express grave concerns regarding cyber attackers’ utilization of AI. Traditional defensive measures struggle to counter rapidly evolving and unpredictable threats. Simultaneously, AI proves to be an essential asset for bolstering cybersecurity. It allows organizations to detect threats with greater speed, mechanize aspects of the response procedure, and improve predictive abilities, thereby shifting from a reactive to a proactive security strategy.
“To effectively manage the increasing number of alerts and to prevent analysts from becoming overwhelmed, machine learning is essential. It copes efficiently with these tasks and allows professionals to focus on complex or business-critical tasks,” Tushkanov said.
However, the successful incorporation of AI in cybersecurity involves more than just technology. Businesses also require skilled personnel, practical implementation experience, and a solid data foundation.
According to sources, AI is currently used to analyze and classify around 460,000 malware samples daily. This, combined with proprietary data, processing methods, and model training infrastructure, forms the foundation of increasingly complex cybersecurity strategies.
Despite the significant advances of AI, it is not yet equipped to replace human expertise in incident investigation and decision-making processes. Risk assessments and response strategies still heavily depend on professional judgment. “At this point, the human role remains essential,” Tushkanov said, implying that while AI systems might support decision-making in the future, they cannot replace the need for human expertise.
Q: How has AI impacted cyber threats?
A: AI has streamlined the process of executing cyber threats, reducing the need for substantial planning and advanced technical skills. It has made it easier for less experienced individuals to launch successful cyberattacks.
Q: What is the role of AI in cybersecurity?
A: AI plays a crucial role in enhancing cybersecurity. It allows organizations to detect threats quickly, automate parts of the response process, and enhance predictive capabilities.
Q: Can AI replace human expertise in incident investigation and decision-making?
A: Currently, AI cannot replace the need for human judgment in risk assessment and response strategy formulation. Despite the significant advances in AI, human expertise remains essential in incident investigation and decision-making processes.