Artificial Intelligence (AI) has become a popular topic in technology discussions, leading some organizations to consider investing in AI for cybersecurity. However, it is important to understand the downsides of AI before making such investments. These downsides include bias in decision-making, lack of transparency in recommendations, the AI skills shortage, and the resource-intensive nature of AI. These limitations mean that investing heavily in AI for cybersecurity, especially in generative AI such as Large Language Models (LLMs), can have its drawbacks.
According to Thomas P. Vartanian, executive director at the nonprofit Financial Technology and Cybersecurity Center, true machine intelligence, resembling human intelligence, is still far from being achieved. Therefore, AI is largely not in use from that perspective. However, the use of LLMs that are trained on vast amounts of data is rapidly increasing. In order to determine the role that AI should play in their cybersecurity strategy, IT leaders must carefully consider the potential benefits and drawbacks it brings.
One of the main benefits of AI in the field of cybersecurity is its ability to detect, analyze, and respond to security threats faster than traditional security tools. AI can also understand an organization’s networks and systems, analyze large amounts of data to detect unusual activity, and suggest options to address vulnerabilities. Perhaps the most significant benefit of AI in cybersecurity is its potential to level the playing field against attackers. Hackers and other bad actors typically have access to cutting-edge tools, so organizations must leverage AI technology to keep pace with ever-changing threats.
Larry Clinton, president of the cybersecurity trade association Internet Security Alliance, emphasizes that adversaries have been using AI tools for some time. Therefore, organizations that fail to adopt AI technologies are at a greater risk of being subjected to sophisticated attacks. AI-driven security can help organizations become more proactive and forward-looking in their risk posture. AI tools can swiftly evaluate potential threats and recommend response options, while machine learning algorithms can continuously improve vulnerability management, authentication, and defenses against malicious bots.
Another benefit of AI in cybersecurity is its ability to assess vulnerabilities in hybrid or remote working environments. Due to the increase in remote work, organizations’ networks have expanded, leading to security vulnerabilities. AI can assist organizations in addressing their growing security needs in response to employees working remotely.
Despite these benefits, investing in AI for cybersecurity has its drawbacks. One significant drawback is the expense of AI adoption efforts. For example, the acquisition, integration, monitoring, and maintenance of applications, particularly LLMs, can be a costly process. Additionally, AI is currently resource-intensive, requiring extensive and diverse training data as well as personnel with expertise in operating and maintaining AI models and software programs. The lack of sufficient training data can also lead to incorrect monitoring results and false positives, which can have serious consequences for organizations. There is also a shortage of AI experts who truly understand the technology and can effectively implement it.
Considering these concerns, CIOs must carefully evaluate AI in the context of their organization’s cybersecurity strategy, weighing the anticipated costs against the potential rewards. They should also be cautious about potential bias in output and the reputational harm that could result from AI systems trained on bad data. It is crucial to implement AI technologies carefully and thoroughly, blending them into the overall business plan.
Currently, organizations are in the experimental stage when it comes to AI in cybersecurity. One sector that has seen benefits from AI investments is banking and financial services. One promising use case is the detection of money laundering, where AI models can identify patterns and monitor suspicious behavior at scale, which would be impossible for humans to carry out manually.
Moving forward, the use of AI tools in cybersecurity, especially LLMs, is expected to mature. However, improvements in decision-making capabilities will be necessary for AI platforms as they evolve. It is important for organizations to thoroughly assess the potential benefits of AI for their cybersecurity efforts while considering its overall impact on the business. AI is not a magic bullet, and careful planning and implementation are essential.