“It takes a long time to build [cyber defense systems] relative to building something that an attacker can use that might work, say, 1% of the time. If they go after 1,000 or 10,000 or 100,000 targets, it’s very easy to do the math on how much 1% success will give you. But as a defender, 1% success doesn’t help you much. And really, what you want for something productized and put in front of customers or users in a reliable sense is something in the high nineties. That takes a long time.”
Some experts think an asymmetric advantage is something cybersecurity professionals are already accustomed to and have dealt with for a long time. “Everyone working in security, we cannot see the good without seeing the bad, right?” Andrea Hervier, head of partnerships at CrowdSec, tells CSO. “We always try to think what could be the consequences of a potential new technology, but when we look at the benefits of AI in cybersecurity at the moment, we can also say that many of the benefits are the flaws at the same time.”
The advent of AI represents two sides of one coin, Hervier says. “What I can say with certainty is that generated AI on one side can automate a lot of day-to-day tasks. It can do them at scale, and it can do them very fast, which can be seen as a good thing. It can also be seen as a bad thing if it’s in the hands of the cybercriminal.”
Even if AI is currently an asymmetric threat, defenders don’t have anything to fear, Fayyaz Makhani, leader, professional services, global compliance, and risk at SecureTrust, tells CSO. “AI has been around in various forms for several years now. Decades, even,” he says. “I think starting last year when it came to the forefront…it became really scary because it’s new.”
“We don’t need to be afraid of AI. We can look at it in a couple of different ways, and if we look at it as tools and as support for whatever it is we do, whether it’s on the white side or the not-so-white side of cybersecurity. I think either way, we all have the ability to utilize artificial intelligence in many different ways.”
AI threats defenders will face
Although it’s hard to foresee the types of threats defenders will face as AI technology takes hold, the ability of attackers to generate synthetic content at scale is one top concern. “The ability to synthetically generate new or seemingly real content will be very interesting. If you take an example from something that happens at the nation-state level where if a nation-state attacker is trying to build up an online presence for a series of accounts to make it look like they’re real, there’s a whole process,” Morgan says.