I’ve often wondered whether artificial intelligence (AI) in cybersecurity is a good thing or a bad thing for data security. Yes, I love the convenience of online stores suggesting the perfect items for me based on my search history, but other times it feels a bit creepy to have a pair of shoes I looked at stalking me around the internet. But I’ve realized as a consumer that the answer is a little bit of both.

I’ve recently been researching and writing on the increase of AI-based attacks. In brief, the premise of AI is the quick analysis of large amounts of data and then using the data to make predictions. I learned that both the good guys and the bad guys can use AI. What does that mean for the future of data security?

Does AI Increase Data Security Threats?

Judging by how threat attackers use AI, the short answer is yes, AI increases threats. When cyber criminals rely on human intelligence, they mostly manually find the vulnerabilities, even if they are using tools. By using AI, they can automate the process of environment analysis and more quickly find its weaknesses. Essentially, AI makes attacks smarter and more accurate. Because AI depends on data to become smarter, threat actors can use data collected from previous attempts to predict vulnerabilities or spot changes in victims’ data security.

Three common attacks are evasion attacks, poisoning attacks and privacy attacks. During evasion attacks, the malicious content evades detection by changing codes at test time. While poisoning attacks focus on changing data sets, privacy attacks retrieve sensitive data. Each of these attacks is launched by using AI to spot openings and then conduct the attack faster than the victim can detect it.

One of the most challenging parts of AI attacks is this speed. Threat actors can spot new trends more quickly than defenders can develop tools and strategies to defend against the attacks. Threat actors can also use AI to analyze large amounts of data and then design social engineering attacks likely to work on specific people.

How AI Can Improve Vulnerability Management

It’s strange how many businesses and agencies don’t devote adequate resources to the vulnerability management aspect of data security. Effective cybersecurity starts by stopping criminals from gaining access. It’s not an easy task to do right, though. It can be expensive and complex. You also need teamwork between a lot of different people and roles.

However, this is why vulnerability management is the perfect task for AI. Instead of all of the manual tasks, AI automates the data analysis and systems reviews. That results in a much quicker process that makes it more likely to spot an opening before a cyber criminal does. The good guys can then fix the issue before an attack happens.

AI can also improve data security in several ways. Let’s start with the cornerstone of vulnerability management, knowing your level of cyber risk. The Vulnerability Risk Score vulnerability assessment is the key to knowing where you are in terms of defending your data and infrastructure. AI can more quickly and correctly analyze large amounts of data, meaning that you have an almost real-time picture of your vulnerability.

One of the big challenges with vulnerability management is keeping track of all of the different information sources. Potential attacks may be discussed on chat boards and private media. (This plagues cybersecurity in general.) By using AI to spot trends, defenders can know where to focus their often-limited resources for the biggest impact. Along the same lines, organizations should look to use AI to help triage security alerts to know which ones are both relevant and important.

Moving Data Security Forward With AI

AI is transforming vulnerability management from both sides — the attacker and the attacked. With threat actors increasingly employing AI for attacks, the best way that organizations can stay ahead of them is by using the same tech. Otherwise, they’re opening their data security efforts up to threats that have the speed and accuracy of AI on their side.

More from Artificial Intelligence

Cybersecurity Awareness Month: 5 new AI skills cyber pros need

4 min read - The rapid integration of artificial intelligence (AI) across industries, including cybersecurity, has sparked a sense of urgency among professionals. As organizations increasingly adopt AI tools to bolster security defenses, cyber professionals now face a pivotal question: What new skills do I need to stay relevant?October is Cybersecurity Awareness Month, which makes it the perfect time to address this pressing issue. With AI transforming threat detection, prevention and response, what better moment to explore the essential skills professionals might require?Whether you're…

3 proven use cases for AI in preventative cybersecurity

3 min read - IBM’s Cost of a Data Breach Report 2024 highlights a ground-breaking finding: The application of AI-powered automation in prevention has saved organizations an average of $2.2 million.Enterprises have been using AI for years in detection, investigation and response. However, as attack surfaces expand, security leaders must adopt a more proactive stance.Here are three ways how AI is helping to make that possible:1. Attack surface management: Proactive defense with AIIncreased complexity and interconnectedness are a growing headache for security teams, and…

AI hallucinations can pose a risk to your cybersecurity

4 min read - In early 2023, Google’s Bard made headlines for a pretty big mistake, which we now call an AI hallucination. During a demo, the chatbot was asked, “What new discoveries from the James Webb Space Telescope can I tell my 9-year-old about?" Bard answered that JWST, which launched in December 2021, took the "very first pictures" of an exoplanet outside our solar system. However, the European Southern Observatory's Very Large Telescope took the first picture of an exoplanet in 2004.What is…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today