The cyberthreat landscape is shifting quickly, with new technologies presenting ever-evolving opportunities for scammers to wage increasingly sophisticated cyber-attacks. Cybersecurity expert, Michael Marcotte explained that the banking industry in particular is facing “an acute digital identification and security crisis” prompted by tools like ChatGPT, Midjourney and other easily accessible generative AI tools.
Advances in AI have led to the creation of deepfakes, which pose a huge threat, which is illustrated by the recent high-profile deepfake video scam on UK engineering company Arup. The attack involved a video call that utilized deepfake avatars of the company’s C-suite, instructing an employee to make cash transfers totalling HK$200 million.
Traditional security measures are now inadequate at protecting against rapidly evolving cyber threats.
This article explores the 3 key ways that AI can be utilised in the detect of and defence against new-age cybercrimes.
Automated Threat Detection
One of the most significant advantages of AI in cybersecurity is its ability to automate threat detection.
For example, AI can use biometric data to detect and prevent fraud in real-time by analyzing patterns and identifying anomalies that indicate fraudulent activities. artius.iD founder Michael Marcotte explains that Deepfakes, no matter how real they appear to the human eye, contain flaws at the microscopic level. AI tools can be used by companies to compare deepfakes against genuine employee biometric data.
AI can also learn what constitutes normal behaviour within a network and flag deviations as potential threats, for example if a user’s login patterns suddenly change (e.g., logging in from unusual locations or at odd times), AI can detect this anomaly and trigger an alert. AI algorithms can also recognize patterns associated with known cyber threats by analysing large datasets of past incidents.
Enhanced incident response
When a cyber-attack occurs, a quick and effective response is crucial to minimise fall-out. Forbes advises that companies develop a clear incident response plan. This ensures team members understand their roles during an incident, streamlining the investigation process.
AI can enhance incident response by automating various aspects of the process. Automated incident response systems, powered by AI, can initiate immediate actions, such as isolating compromised devices or blocking suspicious traffic, speeding up. This speeds up response time and minimizes the potential impact of an attack. AI algorithms can also help security teams prioritize incidents based on their severity, enabling them to allocate resources effectively.
User training and simulation
Financial Times advises that Generative AI can be used internally to identify gaps in security measures or to help train employees and customers in cyber security and detection.
AI can create simulated phishing attacks to train employees and improve their ability to recognize phishing attempts. For example, AI can send mock phishing emails to employees and provide feedback based on their responses.
AI can also analyse individual user behaviour and learning progress to tailor training programs to each user’s needs.
Conclusion
Rapid development of new technologies including AI and machine learning are arming cyber-criminals with increasingly sophisticated weapons. However, AI also provides cybersecurity experts with new ways to arm themselves against the crimes perpetrated. The integration of AI into cybersecurity is transforming the way organizations protect themselves from cyber-crimes. From automated threat detection to enhanced incident response, and better user training and simulation tools, AI is proving to be an extremely useful tool in the fight against cyber threats.
Luckily, tech companies are now developing holistic AI-powered solutions to aid the people who are responsible for keeping their organisations safe from cyber threats. Google’s Cloud Security AI Workbench is an example of a solution that gives people access to AI-powered expertise to go beyond what they could do alone.