The Evolution of AI in Cybersecurity

By Nima Baiati

Nima Baiati, Executive Director & GM, Commercial Cybersecurity Solutions, Lenovo

Perhaps not since the invention of the printing press has any technology been poised to revolutionize every aspect of life and business, at least from a promise standpoint. The potential for disruption and increased productivity in cybersecurity is immense, as enterprises continue to face rising pressures internally and externally.

Cybersecurity has always been a challenging game, and it won’t get any easier. One concerning aspect is the potential for Generative AI (GAI) to empower malicious individuals with advanced capabilities. This may lead to easier compromise of passwords, exploitation of vulnerabilities through deepfakes in social engineering, and greater ingenuity in malware creation, resulting in an acceleration of cyberattacks.

However, there is a silver lining. The same AI tools available to potential attackers can also be utilized by defenders. This means that an increasing number of cybersecurity activities can be automated, making them more efficient. AI is being leveraged for improved risk analysis, threat detection, and automating alerts and responses. It also plays a role in balancing security and user experience (UX) by analyzing behavioral data and simplifying verification processes, as an overly secure gate becomes impractical.

The efficiency gains from AI-enabled cybersecurity tools can help address the critical shortage of skilled labor in the field. Even smaller organizations, such as small to medium-sized businesses (SMBs) and educational institutions lacking the resources of larger enterprises, can automate more security solutions and become more resilient targets. While technology advances, the foundational infrastructure of every organization’s security system will remain constant.

Train the Humans, Not Just AI

Even the best security defenses can be foiled by simple human mistakes. We talk about training AI models, but we often forget that people are the most crucial components of a robust cybersecurity strategy, not technology alone. For hackers, a misappropriated key is always more potent than a brute force attack.

In today’s world, organizations must prioritize building robust security cultures, particularly since the greatest challenge in securing systems and companies lies with people. Equipping employees with the necessary training and support is essential to maintain constant awareness of threats and remain observant against attacks. For example, the sophistication of social engineering phishing attacks, fueled by deepfakes, can be countered when employees adhere to proper protocols.

Security by design is even more critical than end-user vigilance. It is not enough for software to undergo security reviews; it should be built with security embedded throughout. Both device manufacturers and purchasers must make informed decisions based on security outcomes, rather than purely considering form, function, and cost. Original equipment manufacturers (OEMs) should ensure device protection throughout its lifecycle, including a transparent and secure supply chain, defending against threats like BIOS attacks, and ensuring data protection from the operating system to the cloud. Buyers who overlook security by design and rely too heavily on after-market or bolted-on security solutions should be aware of the risks they assume.

AI for the Future

The potential impact of AI knows no bounds. The ability to process vast amounts of data and make informed decisions at an exponential rate will revolutionize everything for everyone, similar to how the invention of the internal combustion engine and electricity propelled us forward.

This development is positive because there are significantly more individuals striving for positive outcomes than there are malicious actors seeking to steal data or cause harm. However, safeguarding our organizations and harnessing the benefits of AI requires good decision-making and an attentive approach.

Incorporating security intrinsically at every stage of development and deployment is crucial. Each organization will have its unique security needs, frameworks and specific threats that require a tailored approach. When evaluating devices, it becomes vital to integrate security across all layers including the supply chain, below the operating system and above the operating system.

Not all data can be protected equally, and the goal of achieving zero cybersecurity breaches is an unrealistic aspiration given the vast threat landscape. Therefore, business leaders and security experts must make strategic decisions regarding their primary concerns and how best to protect their assets. Ultimately, AI tools that support security-focused cultures and prioritize the right aspects will lead to more robust defenses.


No posts to display