Bylines Cloud Security Cyber Safety Threat Detection & Defense

How to Harness AI to Advance Cybersecurity

Saravanan Krishnan November 5, 2024

3 minutes read

By Saravanan Krishnan, Country Manager, Malaysia, Dell Technologies

Organisations are engaged in a high-stakes chess match against cybercriminals who are using Artificial Intelligence (AI). While AI offers immense potential to drive innovation and efficiency across industries, it also introduces a new breed of cyber threats such as deepfakes to imitate friends, family or colleagues which enables scammers to better mimic human behavior.

Recently, there has been a rise of investment scam tactics using deepfakes to mimic prominent figures and reputable companies in social media. Announced by the Federal Commercial Crime Investigation Department (CCID), deepfakes linked to investment fraud cases is the top crime cases reported which amounted to RM0.5 billion losses.

How should organisations respond, so that the security leaders could stay ahead of adversaries?

Strengthening Security Hygiene for AI Adoption

While there’s no ‘silver bullet,’ you need to start with good security hygiene, especially as organisations accelerate AI adoption.

It starts with ensuring the environment and IT estate are secure by design from product development through to deployment. Embedding security features such as multifactor authentication and role-based access controls add another layer to minimise vulnerabilities, as well as ensuring continuous monitoring to detect and respond to an attack.

Logging and monitoring tools are also key. Security professionals rely on the data from these tools to help identify behavioral outliers that could pose a risk to the organisation.

In the event of a security incident, having a recovery plan in place is vital to restoring operations securely and efficiently, reducing disruption.

According to the Innovation Catalyst survey, 93% of Malaysian organisations are increasingly adopting zero trust architectures to fortify their environments. This approach operates on the principle that no entity within or outside the network is trusted by default, and verification is required to access resources on the network. Implementing zero trust effectively reduces the risk of cyberattacks by allowing only verified and necessary activity.

Additionally, 77% respondents highlighted they have an Incident Response Plan in place to recover from a cyberattack.

Implementing AI requires a strong control over the enterprise data, especially for AI system leveraging public cloud. Strong data security and governance is a prerequisite to an AI security strategy.

The Power of Security Enabled by AI

Once you have a strong security foundation, embrace the very technology that threat actors use against us – AI. Adopting security solutions enabled by AI can help organisations build cyber resilience and stay ahead of threat actors.

Security enabled by AI is effectively AI-powered solutions that organisations can use proactively and reactively to identify and respond to threats. By equipping their security teams with tools that use machine learning, self-learning and adaptive defense capabilities, they can better detect and respond to threats. Leveraging these tools strengthens the overall security posture across the organisation.

In terms of proactive defense, AI can help continuously monitor network traffic, user behavior and system logs to identify anomalies and suspicious patterns that may indicate malicious activity. This early detection and prevention capability is crucial for minimising potential damage from cyberattacks. It can learn and adapt when detecting new challenges, helping IT and security teams outmaneuver attackers who refine their tactics and exploit new vulnerabilities. It also means that businesses can create a bespoke security response that is effective against specific threats for their industry.

Unfortunately, attackers can still get past even the best protected systems. In these cases, AI can also support recovery by automating incident response processes. Threat containment, data recovery and forensic analysis supported by AI can reduce the business impact of attacks and accelerate recovery.

The Human Element in Security for AI

On top of building a strong security foundation, organisations must recognise that employees are their first line of defense. Every employee needs a basic understanding of how AI is making threats more sophisticated, how to spot them and what to do when something doesn’t seem right. Highlighted from the Innovation Catalyst research, respondents rated AI fluency as one of the top three most sought after skills and competencies for the next five years.

This will become more important as attackers deploy advanced spoofing attacks created by deepfakes that add a convincing façade to criminals’ well-practiced social engineering techniques. Security practitioners also require role-specific training in AI so they have the knowledge and skills to understand how bad actors might use the technology.

The cybersecurity landscape is in constant flux. Organisations that prioritise AI-enabled security and a culture of continuous learning are best positioned to navigate the evolving threat landscape. By embracing a proactive and adaptive approach to security, businesses can confidently embrace the transformative power of AI and build a more resilient and secure future.