How AI Is Being Used to Improve Cybersecurity for Businesses of All Sizes Discussing the role of AI in cybersecurity, the challenges that cybersecurity teams are facing and future trends that governments and businesses need to be aware of.

Cybercrime is on the rise across the United States and globally. Over the past decade, online crimes caused more than $12 billion in damage, a twelve-fold increase compared to 2015. Where companies used to fear physical threats such as bank robberies, they are now guarding against far less visible attacks.

As the world's reliance on digital technologies grows, artificial intelligence (AI) has the potential to enhance cybersecurity measures for businesses of any size.

Related: 10 Benefits of Using AI in Cybersecurity Practices

The role of AI in cybersecurity

Cybersecurity has changed dramatically over the past decade. Ten years ago, more than one in five cybersecurity incidents involved paper records. This year, the figure has dropped to an almost negligible 2%. Cyber attacks involving paper records have been replaced by phishing incidents, which nearly doubled throughout this time.

The growth of ransomware attacks is even more obvious. Virtually unknown in 2015, they now account for nearly one in three cyber attacks in the U.S. At this time, AI plays a dual role in cybersecurity as it is used by both perpetrators of online crimes and those looking to secure data. The World Economic Forum has spoken of an AI arms race.

Chief Information Security Officers (CISOs) around the world are leveraging technologies like machine learning and deep learning to stay several steps ahead of their adversaries. Thanks to its fundamental capacity to analyze huge amounts of data, AI allows CISOs and their teams to monitor network activity and spot anomalies early. Identifying suspicious behavior or fraudulent activity early becomes not only easier but may be the key to effectively preventing monetary and other damage.

At the same time, utilizing AI frees up analysts' time, allowing them to concentrate on more strategic activities.

Key AI technologies in cybersecurity

Threat detection and data protection are two cornerstones of effective cybersecurity, and AI can enhance both.

Amazon GuardDuty is an AI-based threat detector that uses machine learning (ML) and Amazon Web Services' (AWS') own integrated threat intelligence to protect AWS accounts and associated data. The software detects suspicious activities such as the removal of AI security guardrails and investigates those faster than human analysts could. Users can also automate threat remediation.

In addition, Amazon GuardDuty protects against ransomware uploads and scans for the presence of malware, including cryptocurrency-related threats.

IBM Watson for Cybersecurity is another heavy hitter in AI-based threat detection. Watson analyses security data from different sources, including security alerts and logs. By combining information gathered in more than one place, Watson can detect threats the non-AI security software may have missed. The company's range of IBM Security® solutions offers more customized tools to meet the cybersecurity needs of today's businesses.

Related: How Companies Can Utilize AI and Quantum Technologies to Improve Cybersecurity

Challenges and limitations

One of the challenges of using AI in cybersecurity is the speed at which the field is expanding. Research firm Gartner predicts that by 2026, four out of five businesses will have used generative AI-enabled applications. By comparison, just one year ago, only 5% of all enterprises were employing these emerging technologies.

Given the rate of acceleration, one of the challenges of cybersecurity professionals is to safeguard these projects. According to IBM, less than a quarter of generative AI projects are secured adequately right now, leaving three-quarters open to malicious attacks.

Cybersecurity teams are facing internal and external challenges. Externally, cyber attacks are becoming more sophisticated as the volume and value of data grow. Potential attackers no longer need excessive computing power to develop harmful products.

At the same time, teams looking to protect an organization's data are dealing with internal problems like the sheer volume of data and increasingly complex data infrastructures. They also have to balance users' need for access with security concerns.

Case studies

Cyber attacks are not limited to specific verticals. As companies' dependency on data grows, so does the potential of cybercrime. Industrial solutions provider Andritz AG noticed an increase in security breaches in 2020. With nearly 50% of its 27,000-strong workforce relying on remote network access, the company needed to find a solution that protected proprietary information and allowed its teams to continue working.

With customers operating power stations and chemical plants among other applications, cybersecurity breaches could quickly become catastrophic. The team implemented an AI-based solution to visualize threats and neutralize them fast, protecting its employees and clients.

China-based United Family Healthcare (UFH) turned to AI-based cybersecurity solutions when a combination of compliance regulations, external threats and employee behaviors like password sharing put data at risk.

The company needed a solution that streamlined security operations in one central location, allowing a relatively small cybersecurity team to monitor and detect suspicious activities across different locations. Once online, their AI-based system provided an overview of the company's security situation within minutes. The application has also had a positive effect on internal operations, with risks and alarms decreasing since its implementation four years ago.

Related: How AI Is Shaping the Cybersecurity Landscape — Exploring the Advantages and Limitations

Future trends

As the use of generative AI continues to expand throughout all verticals and society as a whole, the need for equally powerful cybersecurity will increase.

While it may still be easy to look at cybersecurity as something that may not apply to small businesses, few businesses will be able to overlook cyber threats for much longer. Losing access to an ecommerce website or compromising customer data on social media platforms can threaten a company's future.

As cyber threats evolve and expand their reach, AI-based cybersecurity needs to evolve to detect and neutralize them before damage occurs. In the future, we are likely to see AI-based security elements incorporated into widely used applications such as social media content generation, scheduling tools and more.

When it comes to cybersecurity, AI has a dual role as an antagonist and a protector. Over the coming years, governments and businesses need to ensure that AI-based protection, detection and resolution outpace the growth of cyber threats and cybercrime.