Rethinking Cybersecurity: You need to use AI to fight AI

The rapid advancement of AI introduces new complexities to the cybersecurity landscape. The traditional focus on threat prevention won’t be enough against the sophisticated and dynamic nature of modern cyber risks. But it goes even beyond that, this new world we live in calls for a paradigm shift. We not only need cybersecurity to counteract these new threats, we need cybersecurity to foster a safe environment in which digital interactions can flourish. This new way of thinking means outdated technologies, methodologies, and ideologies need to go overboard. Embracing AI in cybersecurity involves reimagining our control systems and cultivating a mindset that aligns technological advancements with comprehensive security strategies.

Integrating AI into cybersecurity frameworks brings out a crucial question: Can we trust AI with our security? The answer is simple: Yes, but only if done right. We must tread carefully and that involves adopting specialized, not-open AI solutions that are designed for enhanced security and are deeply integrated with your specific organizational context. Such solutions should prioritize data integrity, minimize risks like unintended data exposure, and reduce AI "hallucinations" where the system generates misleading outputs. A balanced approach is essential to harness AI's capabilities effectively while maintaining robust security protocols. An important insight is that the goal is not to seek the most advanced AI technology indiscriminately but to find solutions that are best suited to the specific security needs of an organization. After all: AI systems tend to optimize tasks for efficiency, which may not always align with achieving the most meaningful outcomes. Therefore, integrating AI with a strategic human oversight is crucial for ensuring that security measures are not only efficient but also contextually appropriate and secure.

The amount of data all of us will be generating worldwide is expected to expand to about 180 zettabytes by 2025. Accompanied by an escalation in cyber threats that are increasingly sophisticated, leveraging technologies like deepfakes to create believable scams. Traditional human-driven responses are inadequate for managing and mitigating these threats in real-time, there are only a few seconds to identify a real threat and start countermeasures. Only AI will be capable of sifting real-time through massive datasets to identify and neutralize threats that rapidly and accurately. AI's potential spans several critical areas in cybersecurity, for instance:

• Forensic Analysis and Incident Response: AI can significantly enhance the detection of anomalies both within and outside the organization.
• Security Operations: Utilizing AI for continuous vulnerability assessment, and the improvement of security metrics, dashboards, and reporting systems.
• Identity and Access Management: Strengthening mechanisms to prevent unauthorized access and ensuring identity security.
• Supply Chain Risk Management: Employing AI for ongoing assessment and management of risks posed by third-party engagements.

AI's role also extends into refining the functionality of security operations centres (SOCs), enhancing the capabilities of Security Orchestration, Automation, and Response (SOAR) systems, and improving the efficiency of services such as threat intelligence and vulnerability management.

Moving beyond mere data collection, AI helps in deriving actionable insights from the data, which helps facilitating quicker and more effective decision-making processes. The focus of cybersecurity needs to evolve from predominantly preventing attacks to building resilience by swiftly detecting, responding to, and recovering from threats. Assuming criminals will always get through your defences in the end forces you to rethink what safety means. Eventually AI can aid this shift by automating the detection of threats, segmenting networks to isolate breaches, and facilitating rapid recovery processes. This not only helps in managing an attack more effectively but also optimizes overall security operations, reducing the time and resources dedicated to routine security management. It also means your organization will be (partially) running again even before an attack is over.

For organizations to fully leverage AI in enhancing cybersecurity, a coherent and forward-thinking strategy is essential. This involves engaging everyone, including CEOs and the board, to ensure they understand and support the evolving cybersecurity landscape. Strategic planning should focus on optimizing AI integration through automation of routine tasks, enhancing system coverage, and reducing operational burdens. This allows human workers to concentrate on strategic oversight and decision-making. It leads to a different role for cybersecurity experts, they will be less and less involved in looking at or analysing data, their focus will be on what to do with the outcome of that data. And although it might feel their role will be less interesting as “AI takes over their jobs”, but in reality their work can be more strategic and creative just as well. On the plus side, now most of our time is spent on running security and only a small part on actual countering threats. With increasing costs for cybersecurity, that will be harder and harder to explain. Using AI will be a solution for that as well.

All in all: AI is changing the cybersecurity landscape quickly and fundamentally and it’s urgent to start working on a strategy as soon as possible. AI is a strategic asset in the fight against cyber threats, transforming reactive security measures into proactive security solutions. By redefining our approach to cybersecurity, prioritizing adaptive strategies, and thoughtfully integrating AI, we can achieve a more secure, efficient, and resilient digital infrastructure. As we continue to evolve alongside technological advancements, maintaining a focus on strategic integration, governance, and continuous improvement will be key to realizing a robust cybersecurity framework that balances innovation with integrity.

KPMG Cyber Security Services looks to empower organizations to assess their AI ecosystem, secure their critical models, and respond to adversarial attacks. If you have any questions concerning cyber security issues please contact our experts below.