///////////////////////////////////////////////////////////////////
FEATURE: ARTIFICIAL INTELLIGENCE
servers set up on hacked routers, many
unique C&C IP addresses, as well as regular
updates to make it harder to take down.
Where next?
It is conceivable that we’ll soon see a rise
in AI-powered phishing emails, high-
quality spam and a vast proliferation of
false flags. We’re already noticing this with
threats like TrickBot, which consistently
use email spam and phishing campaigns
as its initial attack pattern. As a result, it
is imperative that businesses train their
employees to spot potentially fake emails,
not to open suspicious file attachments
or click on questionable embedded links.
Currently, web application firewalls can
help detect and mitigate banking Trojans,
but businesses need to ensure they are
updated regularly to keep pace with AI-
powered threats.
Intriguingly, AI could soon be used to conceal
malware presence in a victim’s network
and combine various attack techniques to
identify the most effective disruptive option.
In time, hackers will be able to use AI to
bypass security algorithms. It is critical that all
likely targets – and few are immune – start to
harness AI to fight back.
The business battle
AI’s widespread adoption across different
areas of a business can make it difficult to
understand where to best deploy security
systems and where to focus cybersecurity
teams’ efforts.
Organisations need to ask themselves a
series of questions. What are the strengths
and weaknesses of the IT infrastructures?
Who in the cybersecurity team is fighting
the attacks? Where are resources required
to better cope with AI-based threats? What
employee and industry behaviours influence
security defences? Answering these kinds of
questions makes it easier to determine the
best use of AI.
The key is to adopt a prevent, detect, and
response strategy. If deployed correctly, AI
can be used to collect intelligence about new
threats, attempted attacks and successful
breaches. It can detect abnormalities within
an organisation’s network and flag them
more quickly than a human ever could.
www.intelligentcio.com
Businesses can also make life difficult
for hackers by isolating vulnerable
applications. This is a useful method to
reduce threat risk and render malware
harmless by allowing it to fully execute
in a completely isolated, contained
environment. Crucially, it helps protect
against the most common attack vectors,
such as malicious downloads, plug-ins and
email attachments. As the use of apps
across organisations continues to soar,
these are the areas hackers will target with
AI-powered attacks.
Securing applications must always be a
key concern for business leaders looking to
ensure IT infrastructures are continually
protected, despite new technologies
entering the market.
AI versus AI
The business case for AI in cybersecurity is
strong and the operational efficiencies of
automation are becoming clearer with each
passing day. Even so, it is important to not
entirely rely on automation. It is not a silver
bullet and security teams should still be present
in frontline roles. For example, there will always
be a need for specific human knowledge and
interaction with application services.
Cybersecurity as a discipline currently
boasts one of the widest uses of AI in
the enterprise space and it’s clear that
adoption isn’t slowing any time soon.
Everyone needs to remember that AI can
be both a weapon of mass destruction and
a vital part of the solution. n
INTELLIGENTCIO
57