Content

Events
About

Generative AI’s role in enhancing cyber security

Raef Meeuwisse | 01/03/2024

In the dynamic realm of cyber crime, the application of generative AI has emerged as a straightforward yet potent tool. Excelling in narrow tasks, generative AI has proven adept at creating deepfakes, sifting through extensive internet data for spear-phishing reconnaissance and automating the crafting of flawless and convincing personalized phishing messages.

This ease of leveraging generative AI to create hacker tools starkly contrasts with the complexity of using the same technologies to develop robust cyber security measures, which necessitates meticulous planning and orchestration. General intelligence is an area where generative AI currently lags.

Generative AI’s cyber security opportunities

However, the landscape is not devoid of opportunities for leveraging generative AI in cyber security. Its capabilities in collating up-to-date threat intelligence, scanning for vulnerabilities, analyzing extensive logs for anomalies and streamlining administrative tasks are invaluable in bolstering security postures.

The challenge, though, is multifaceted. Contrary to initial beliefs, AI technology has become accessible to criminals due to its affordability and availability without the need for large-scale infrastructure. As I predicted in March 2023, instances of Large Language Models (LLMs), a form of generative AI, once thought to require a decently sized data center, can now be obtained, set up, and utilized even with modest budgets without any data center in sight.

Even for those criminals without the time or means to train their own rogue instance, the proliferation of AI services by organizations seeking customer engagement has inadvertently facilitated criminal access to advanced tools, often at minimal costs. For example, a year ago, the thought that a three-second audio clip of someone’s voice and a free internet AI tool would be enough to create a fully convincing deepfake audio would have seemed crazy – but now such tools and capabilities have been around for months.

This scenario leaves cyber security teams grappling with adversaries equipped with enhanced attack mechanisms, while simultaneously struggling with the absence of coordinated AI tools for effective countermeasures.

To effectively employ generative AI against these threats, cyber security teams must invest significantly in understanding and manually managing these AI tools. Analogous to a soldier in a battlefield, generative AI can be likened to a tank – powerful but requiring direction and control. Generative AI cannot yet autonomously navigate the battlefield or identify targets, but it can amplify the capabilities of its operator in the execution of particular tasks.

Adapting to the AI evolution in cyber security

There are three key considerations for adapting to the AI evolution in cyber security:

  1. Dynamic integration: Integrating generative AI into cyber security strategies demands constant vigilance. The rapid evolution of AI tools requires dedicated efforts to identify and continually adapt to emerging technologies.
  2. Awareness of obsolescence: The pace of AI development means that new tools emerge daily, rendering previous ones obsolete quickly. Staying abreast of these changes is crucial.
  3. Flexible contracting: Caution is advised when entering long-term contracts with AI security providers. The breakneck speed of AI advancements may render today’s cutting-edge technologies outdated in a matter of months.

Looking ahead, we can anticipate a surge in the capabilities of generative and more generalized AI systems in undertaking broader, more coordinated cyber security operations. By the end of 2024, it is plausible that AI systems will be capable of autonomously managing cyber security across an enterprise’s entire digital landscape. This shift will likely redefine the role of security teams, focusing them more on high-level strategic decision-making and handling complex, unusual or physical tasks that lie beyond AI’s current reach.

Want to know more? You can listen to the first full chapter of Artificial Intelligence for Beginners (The Origins of AI) for free on Google Play via this link.

Upcoming Events


Digital Identity Week

09 - 10 September, 2025
Sydney, Australia
Register Now | View Agenda | Learn More

MORE EVENTS