Cybersecurity and AI: A Changing Landscape
Written by: University of Tulsa • Dec 13, 2023
Cybersecurity and AI: A Changing Landscape ¶
The threat cyber attacks pose to companies’ systems and services continues to grow, as do the costs associated with these attacks. In 2022, an IBM survey found that the average cost of a data breach in the U.S. was $9.44 million, the highest of any country surveyed.
Part of the reason these attacks pose such a grave threat is the increasing sophistication of hackers’ tactics, which includes the use of artificial intelligence (AI). But while innovations in AI are providing cybercriminals with new ways to commit malicious acts, they are also creating opportunities for companies to protect themselves against those acts.
Many of the benefits that AI can offer when it comes to cybersecurity have been enticing enough for a number of companies to invest, with research from BlackBerry indicating that 82% of information technology (IT) decision-makers plan on investing in AI-driven cybersecurity resources before the end of 2023. Research from Acumen projects that the global market for AI cybersecurity tools will reach $133.8 billion by 2030, compared to $14.9 billion spent in 2021.
AI’s increasing role in cybersecurity means that professionals who know how to get the most out of this technology may be leading the efforts to keep companies’ networks safe. Pursuing a graduate degree can help individuals stay on top of industry trends, such as the interplay between cybersecurity and AI, and develop the skills and expertise they need to advance their careers.
What Is Artificial Intelligence? ¶
Artificial intelligence is a machine simulation of human intelligence that uses various methods but often makes algorithmic-based decisions based on a large set of data. Interest in AI has surged recently, becoming a central topic of discussion across industries. AI’s growing prominence can be partially attributed to the emergence of generative AI, which has garnered significant attention from the public and businesses.
What Is Generative AI? ¶
Generative AI refers to AI models that can create seemingly novel content, including text, images, and music, based on patterns and examples provided during the model’s training. Platforms such as ChatGPT have gained recognition for their ability to generate humanlike responses. These systems employ deep learning algorithms that analyze vast amounts of data to find patterns in the data. They then use what they’ve learned to generate seemingly coherent and contextually relevant responses to a user’s inputs.
For generative AI programs to work, they need to be trained on a large assortment of data. Programmers building these AI programs use a method commonly called scraping that involves collecting vast amounts of data from the internet, pulling information from many different sources, such as books, articles, websites, and other publicly available online text, such as programming code examples.
For text-based AI, like ChatGPT, the programmers feed the training data into the model using advanced machine learning techniques, such as neural networks, which are a series of algorithms that recognize patterns and probability. The model analyzes the context of those patterns within the training data to make predictions. Models can use similar training methods with other data types to create different outputs, such as images or sounds like speech and music.
Once the training is complete, the generative AI model is ready to create new text based on the learned patterns using an input-output mechanism. When given an input, the model uses its internal representations and learned patterns to predict the most likely series of words or sequence of words as the output. The more information users input into an AI model, the more data and context it has to fine-tune its pattern recognition and improve its responses.
Newer AI models have been able to process responses that seem even more convincingly human, and they can re-create a variety of sophisticated responses ranging from programming code (malicious or benign) to poetry, all based on algorithmic probabilities. Using the same machine learning methods, AI models that are smaller in scope and more limited in their responses can also be created, such as a business’s online chatbot that only discusses the products they sell.
Generative AI Challenges and Misconceptions ¶
A notable challenge of generative AI is that — although the technology provides outputs that are the most acceptable outputs for the particular prompts based on its training — it is incapable of checking its outputs for accuracy. It does not pull information from a memory bank or directly from the internet. Instead, it chooses the most likely series of responses based on the input context in relation to patterns it learned during its training.
As a result, generated responses may not reflect up-to-date data, or may give incorrect or uncanny responses to user inputs, regardless of the AI model’s certainty in its accuracy. Because of this, using generative AI to create code requires a professional to oversee and potentially fix its outputs to ensure that they don’t contain errors.
Why Is It Important to Understand the Role of Artificial Intelligence in Cybersecurity? ¶
Understanding AI technology is paramount for cybersecurity professionals. As AI advances, cybercriminals can use its capabilities to develop increasingly sophisticated attack techniques, posing new challenges for cybersecurity experts.
AI-driven cyber attacks represent a growing concern. Cybercriminals are using AI algorithms and machine learning techniques to automate their attack processes, enabling them to launch large-scale and highly targeted attacks with minimal human intervention. These AI-driven attacks exhibit adaptive and evasive behaviors, making them difficult to detect and mitigate using traditional security measures.
One example of this is the use of AI-powered malware. Cybercriminals employ AI algorithms to create intelligent malware that bypasses traditional security defenses by constantly evolving its behavior and evading detection. This malware can adapt its attack patterns based on real-time observations and responses, making it highly effective in infiltrating systems and extracting sensitive data.
The emergence of AI-driven cyber attacks has significantly increased the demand for cybersecurity professionals with AI expertise. Organizations need professionals who possess a deep understanding of AI technology and its potential applications in cybersecurity. Armed with this expertise, these professionals can analyze AI-driven attack patterns, develop advanced defenses, and implement strategies to counter evolving cybersecurity and AI threats.
Combating AI-driven cyber attacks requires cybersecurity professionals to monitor the latest developments in AI technology and understand their implications for cybersecurity. They must be well versed in machine learning, data analytics, and AI algorithms to effectively detect and mitigate AI-powered threats. Additionally, a comprehensive understanding of AI can enable cybersecurity experts to turn the tables on hackers, applying AI tools and techniques to enhance their defensive capabilities.
AI Challenges to the Cybersecurity Landscape ¶
As AI becomes more accessible, cybercriminals are finding innovative ways to exploit its capabilities, leveraging it to launch sophisticated attacks. One significant concern is how cybercriminals are using AI to automate and optimize cyber attacks. AI algorithms can quickly analyze vast amounts of data, identify patterns, and generate targeted attacks with minimal human input. However, even hackers still need to ensure their code is functional, meaning AI-based cyber attacks are not yet entirely autonomous.
Despite the need for human oversight to ensure malicious code functions properly and obscures hackers’ identities from authorities, the level of automation that AI allows can enable cybercriminals to launch large-scale, coordinated attacks that they otherwise may not have had the skill or capacity to pull off. These attacks can compromise networks, steal sensitive information, or disrupt critical infrastructure.
AI-Assisted Cyber Attacks ¶
AI-powered “botnets” are falsified or compromised network-connected accounts and devices that all act on the orders of the infecting malware. These bots can coordinate distributed denial-of-service (DDoS) attacks that overwhelm their targets through repeated attempts to access their systems. Coordinated DDoS attacks can trigger an entire system to shut down, causing service disruptions and incurring high financial costs until a cybersecurity professional can return the system to normal.
Hackers can also use AI to bypass traditional cybersecurity defenses. Adversarial machine learning techniques allow attackers to manipulate AI models and exploit vulnerabilities in their decision-making processes. By feeding malicious inputs into AI systems, attackers can deceive them into making incorrect decisions.
AI-powered malware is also a growing concern. By leveraging machine learning techniques, cybercriminals can create sophisticated malware that evades traditional antivirus software. AI-driven malware can learn from its environment, adapt its behavior, and evade detection by mimicking legitimate processes or with malicious code encrypted within the malware.
Another emerging concern is the use of generative AI models to create realistic fake content, such as deep fakes or phishing emails that appear more authentic, that can be used to deceive individuals or organizations. As it becomes increasingly challenging to distinguish between genuine and malicious communications, the number of social engineering attacks, in which hackers attempt to trick individuals into revealing sensitive information or compromising their security, is likely to rise.
Phishing attacks are already one of the most common methods of cyber attack, with the U.S. Cybersecurity and Infrastructure Security Agency reporting that 90% of cyber attacks begin with a successful phishing scheme. Generative AI could make phishing emails seem even more legitimate and increase this rate, making it one of the top areas of concern in the realm of cybersecurity and AI.
Concerns over phishing are particularly noteworthy as more employees move to remote work, which often means the devices they use to interface with a company’s secure network may not be as heavily guarded, creating unintended backdoors for hackers. For example, an employee may use a work computer unprotected by a company’s firewall and unintentionally access a malicious website or fall for a convincing phishing email that gives the hacker access to sensitive company information.
AI Challenges for Cybersecurity Professionals ¶
Other areas of concern for cybersecurity professionals stem from the potential challenges companies face due to their increasing reliance on AI for decision-making in critical systems. If an attacker gains unauthorized access to an AI-driven system or manipulates the training data used by such a system, they can introduce biases or cause them to make incorrect decisions.
For example, a cyber attack that manipulates AI algorithms in autonomous vehicles or critical infrastructure could have devastating consequences, potentially leading to accidents or infrastructure failures. Examples like these showcase how the unquestioning adoption of AI systems into more aspects of everyday life can create vulnerabilities and highlights the increasing importance of cybersecurity professionals in more industries.
To mitigate these threats, cybersecurity professionals must proactively address the vulnerabilities introduced by AI, including by investing in robust AI security measures, such as security training data management, adversarial robustness testing, and continuous monitoring of AI systems for potential anomalies or attacks. AI researchers and cybersecurity experts need to collaborate to develop advanced defense mechanisms and resilient AI models that can withstand adversarial attacks.
AI Benefits to the Cybersecurity Landscape ¶
While AI introduces new challenges in the realm of cybersecurity, it also offers valuable tools and solutions that can enhance the effectiveness of cybersecurity professionals in detecting and preventing attacks. Understanding how to use cybersecurity and AI in tandem can give IT professionals an edge in the AI arms race with hackers. It may also make them more desirable for higher-level employment, given the importance of their specialized knowledge.
Improved Threat Detection ¶
One notable application of AI in cybersecurity is the use of machine learning algorithms for threat and anomaly detection. AI models can analyze vast amounts of data from various sources, including network logs, user behavior, and system events, to identify patterns indicative of potential attacks. By continuously learning and adapting to new threats, AI-powered systems can detect suspicious activity and alert cybersecurity professionals, allowing for prompt response and mitigation.
AI can assist in automating routine and time-consuming tasks as well, enabling cybersecurity teams to focus on more complex and critical activities. For instance, AI can automate the analysis of security alerts, reducing the burden on analysts and allowing them to allocate their time and expertise to investigating and responding to high-priority incidents. Given the potential volume of alerts generated by modern networks, this automation can increase efficiency and ensure that security operations are manageable.
AI also can enhance threat intelligence capabilities by automating the gathering, analyzing, and sharing of security-related information. By monitoring various sources, including social media sites and dark web forums populated by hackers, AI-powered systems can identify emerging threats, trends, and indicators of malicious activity without human intervention. This valuable intelligence enables cybersecurity professionals to proactively adjust their defenses and stay ahead of evolving threats.
Improved Defenses and Response Time ¶
Another significant advantage of AI-powered systems is that they can analyze and correlate data in real time, providing security teams with actionable insights and context during an ongoing security incident. By quickly identifying the scope and severity of an attack, cybersecurity professionals can respond promptly, implement the necessary containment measures, and minimize the impact of a breach.
Additionally, cybersecurity professionals can use AI in vulnerability management and patching processes. AI-powered systems can identify potential vulnerabilities and prioritize them based on their severity and potential impact by analyzing various aspects of a system, the code that makes it function, and historical data. This prioritization enables organizations to focus on promptly addressing the most critical vulnerabilities, reducing the window of opportunity for attackers.
Cybersecurity experts also can employ AI in user behavior analytics (UBA) to check unusual or unexplained user activities to determine if they’re cyber threats. By building models based on anticipated user behavior, AI systems can identify deviations that may indicate malicious intent or compromised accounts. This proactive approach helps organizations detect potential threats, such as unauthorized access through unused channels, and mitigate potential damage.
The Importance of Continuous Cybersecurity Education ¶
As more opportunities arise to combine cybersecurity and AI tools, cybersecurity professionals who understand this technology will be increasingly important across industries. In such a rapidly evolving field, staying up to date with the latest AI-driven threats, vulnerabilities, and defense mechanisms is essential. Ongoing learning allows cybersecurity professionals to adapt their strategies and stay ahead of cybercriminals who use AI for malicious purposes.
Professionals can expand their expertise and career opportunities through further education that builds upon the specialized knowledge and skills they’ve acquired as cybersecurity experts. Additionally, ongoing education helps professionals understand the ethical implications of AI in cybersecurity, enabling them to navigate complex issues as they use and implement AI technologies.
Advance Your Career in Cybersecurity ¶
As AI becomes increasingly sophisticated, cybercriminals can use its capabilities to launch more sophisticated attacks, presenting a formidable threat to individuals and companies alike. However, AI also offers valuable solutions for cybersecurity professionals, enabling them to detect and respond to threats more effectively, automate routine tasks, and stay ahead of evolving attack methods. This means companies will need the expertise of skilled cybersecurity specialists to protect their digital assets.
Career success in this field will increasingly require the ability to navigate the complexities of AI-driven attacks and defenses. Pursuing advanced education is one way for cybersecurity professionals to develop this expertise. If you’re interested in advancing your cybersecurity career, consider the benefits of enrolling in The University of Tulsa’s online Master of Science in Cyber Security program.
TU’s program prepares cybersecurity professionals to shape their companies’ defense strategies, including how they approach AI-driven threats and how they use AI in their defenses. With courses covering subjects such as cybersecurity policy, defensive technologies, and secure system administration, the program offers well-rounded coverage of the foundations of cybersecurity. Additionally, this 100% online program can be completed in 20 months, letting you advance your career at your pace.
Find out how The University of Tulsa can help you lead cyber defense in the age of AI.