The task of cybersecurity is rapidly becoming too complex for humans to handle alone. That’s why artificial intelligence will become an increasingly powerful tool for IT teams — as well as the cybercriminals trying to outmaneuver them.
According to research conducted by PwC, the number of worldwide cybersecurity incidents grew by 38% in 2015, which was at that point the largest annual jump in the twelve-year history of the firm’s Global State of Information Security Survey. Global cybercrime is expected to cost companies more than $6 trillion in 2021, more than doubling the tally from 2016.
What’s behind this troubling trajectory? In a word, scale. Enterprises already face an unmanageable number of cybersecurity threats, a problem that will only be aggravated by the deluge of new devices that future networks will have to support thanks to technologies like the IoT. The cybersecurity giant McAfee estimates that there will be a global skilled-labor shortage of up to two million workers as early as next year, and the average survey respondent expects 15% of their cybersecurity positions to remain unfilled through 2020.
In order to offset this shortage of technical talent, companies are starting to explore various kinds of cybersecurity automation, and one of the most likely candidates thus far is artificial intelligence (AI). While AI is likely to revolutionize everything from law, to medicine, to transportation over the course of the coming decade, it has perhaps unparalleled potential in the field of cybersecurity. That said, as great an asset as AI is to corporate IT teams, it poses just as great a threat when deployed maliciously.
The promise of AI-powered tools in the cybersecurity space rests with their capacity to process and analyze millions upon millions of data points at superhuman speeds. As connected devices continue to proliferate, corporate IT teams will be tasked with monitoring a growing number of endpoints and systems across increasingly wider network surfaces.
Machine learning algorithms — one particularly useful subset of AI — help cybersecurity professionals accomplish monotonous, yet labor-intensive tasks like monitoring interface statistics, logged-in users, and longitudinal bandwidth consumption. What’s more, they also automatically simulate countless possible cyberattack scenarios and learn from the expected results.
Finally, machine learning algorithms adapt to the nuances of a company’s networks over time, establishing baseline activity profiles for each and every known network user. This significantly narrows the field of possible threats while alerting IT teams to aberrant behavior, which is often a sign of an internal attack.
Unfortunately, all of these capabilities can be used for malicious purposes with just a few tweaks — often to even greater effect. In the world of cybercrime, playing offense is far cheaper than playing defense, a dynamic that will only become more obvious as both sides scale up their efforts with AI.
Many cyberattacks are premised on convincing mimicry of “good,” ordinary network traffic. Even in our current massive-scale cybersecurity environment, a skilled corporate IT team will typically be able to identify and stop an attack if it waves a bundle of red flags on its way in the door. There are many ways a cybercriminal can disguise an attack, but like the cyberdefense tasks mentioned above, most of them require a great deal of manual work.
For instance, by leveraging the targeting capabilities of AI that are ordinarily deployed in the marketing sphere, a cybercriminal can optimize a phishing campaign with unparalleled precision. Machine learning algorithms are incredibly adept at gathering, organizing, and analyzing personal data from a wide range of sources — emails, social media feeds, search histories — and could use these insights to execute a near-perfect phishing scam.
Ultimately, AI is unlikely to edge humankind out of either corner of the cybersecurity endeavor — at least not anytime soon. “While automation will never fully replace human judgment,” the McAfee survey concludes, “it does create efficiencies, which allow cybersecurity professionals to focus their time and talent on the more advanced threats that require human intervention.”
A balanced human-AI partnership like this will be key for many companies in the coming year, but it’s not the most important cybersecurity partnership they should consider. Corporate IT teams are understaffed and overwhelmed. At the end of the day, the best way for them to ensure that their critical infrastructure is fully protected is to solicit a comprehensive network assessment from a cybersecurity expert like Turn-key Technologies (TTI).
At TTI, we’ve been protecting corporate networks from the full spectrum of cybersecurity threats for decades. As Certified Wireless Security Professionals, we have the know-how needed to inspect a company’s network traffic, educate the company’s employees, and augment existing cybersecurity protocols where necessary.