Artificial Intelligence (AI) powered tools have become prevalent in the cybersecurity landscape. AI-powered tools are crucial in identifying cyberattacks, mitigating future threats, automating security operations, and identifying potential risks. On the one hand, introducing AI in the global cybersecurity industry has led to the automation of various tasks. Still, on the other hand, it has also enabled threat actors to design and attempt more sophisticated attacks. Additionally, AI is recognized as a fundamental element in the future of cybersecurity as researchers continue to develop sophisticated computing systems capable of effectively detecting and isolating cyber threats. The advancement of AI in cybersecurity holds great promise for enhancing the resilience and effectiveness of defense mechanisms against evolving cyber risks.
With the increased use of AI, an increase in potential risks and challenges in the form of privacy concerns, ethical considerations around autonomous decision-making, the need for continuous monitoring and validation, etc., could also be observed. Thus, the question of whether the industry needs to regulate the use of AI in the cybersecurity domain also arises. Cybersecurity Exchange got in touch with Rakesh Sharma, Enterprise Security Architect at National Australia Bank, to learn his views on the role of artificial intelligence in cybersecurity and the need for AI regulation. Rakesh Sharma is a cyber security expert with over 17 years of multi-disciplinary experience and has worked with global financial institutions and cyber security vendors. Throughout his career, Rakesh Sharma has consistently accomplished notable professional achievements, demonstrating expertise in designing and implementing resilient security strategies. His extensive experience and strong leadership qualities position him as a critical driver of innovation in safeguarding organizations against emerging cyber threats, prioritizing preserving data integrity and confidentiality.
1 How would you describe the current role of artificial intelligence in cybersecurity? What are some critical areas where AI is being applied effectively?
AI has the potential to revolutionize the way organizations defend themselves against ever-evolving cyber threats. By leveraging the power of AI, organizations can automate many tasks that were previously performed by human security analysts, resulting in faster threat detection and remediation. AI can adapt to new threats and constantly update its algorithms, ensuring that organizations stay one step ahead of cybercriminals.
AI is being applied in a number of critical areas of cybersecurity, such as automating incident response, improving vulnerability identification and management, strengthening user authentication and enhancing behavioral analysis for malware detection. It has helped security teams in detection of unknown malware, suspicious patterns, fraudulent activities, anomalous behaviours, insider threats, unauthorized access attempts and a lot more. With the actionable insights provided by AI-enabled cybersecurity systems, organizations can make better security decisions and effectively protect their networks, data, and users.
2 In your opinion, what are the significant advantages that AI brings to cybersecurity? Can you provide any specific examples or use cases?
One of the key advantages of AI-powered cybersecurity systems is their ability to analyze vast amounts of data in real-time. This allows organizations to detect and respond to threats more rapidly, minimizing the potential damage caused by attacks. Traditional manual methods of threat detection and analysis can be time-consuming and prone to errors.
Another significant advantage is continuous learning and adaptation. AI technologies, particularly unsupervised machine learning, have the ability to learn from new data and adapt to changing threat landscapes. This enables AI systems to improve their detection capabilities over time, staying up-to-date with emerging threats and evolving attack techniques.
One of the common use cases where AI is playing a vital role are SIEM, Security Analytics and SOAR platforms in cloud where it is enabling faster and more accurate threat detection, leveraging threat intelligence, analyzing behavior, automating response actions, and facilitating proactive threat hunting. It helps organizations strengthen their cybersecurity defenses and respond effectively to evolving threats.
3 Conversely, what are the potential risks or challenges associated increased use of AI in cybersecurity? How can these be mitigated?
AI in cybersecurity has the potential to be a major force for good but comes with certain challenges. We have been hearing a lot about Adversarial AI which means AI systems themselves can become targets of adversarial attacks where attackers can manipulate or trick AI systems to make incorrect decisions. These systems can be complex and may lead to unknown vulnerabilities.
Since these systems rely heavily on input data, the accuracy and biasness in data are important factors to be considered when training AI models. Additionally, there are privacy and ethical concerns on the usage of sensitive data for making decisions and a governance and oversight is required to involve humans in decision making process than relying solely on AI systems because they seem to be black boxes to end users. The explainability of AI systems pose a challenge because it could be system complexity or intellectual property issue associated with AI algorithms which end-users want to understand to determine how AI system is making a decision or performing a task with fairness.
Other concerns are around regulatory compliance or legal requirements which are still evolving and may not be applicable across all industries and countries.
4 How can security teams mitigate these AI-enabled risks with threat actors ramping up to include automation and AI in their invasive efforts?
Security teams must adopt security solutions with AI capabilities to detect and respond to emerging threats in real-time and stay ahead in the game of cyber security. AI systems can automate repetitive security operations activities and free up security analysts to focus on higher-priority tasks, such as threat hunting.
They also need to maintain constant vigilance and keep up-to-date with the latest advancements in AI technology and the tactics used by threat actors. By applying adversarial machine learning techniques to detect and counter AI-generated attacks, they can improve the security and resilience of AI systems.
Regular penetration testing and red teaming exercises should be conducted to identify vulnerabilities in AI systems and assess their effectiveness against AI-driven attacks. Compliance with relevant regulations and frameworks governing AI and cybersecurity is crucial to ensure adherence to standards and protect against legal and operational risks. Collaboration with other organizations, security vendors, and industry groups is important to foster information sharing and exchange insights about AI-enabled threats.
5 Why do you believe there is a need to regulate the use of AI in the cybersecurity domain? Should these regulations also expand to cover AI’s impact on workforce substitution?
I believe that as AI systems become more capable over time, they become attractive targets for malicious actors seeking to exploit their potential. AI can be used to launch targeted attacks, make mission critical decisions and potentially endanger lives or cause physical harm, so they need to be designed with the principles of responsible and Ethical AI and need robust governance framework and oversight.
AI can also be misused in spreading misinformation and disinformation. AI algorithms can be utilized to generate fake news articles, social media posts, or even deepfake videos, which can be used to manipulate public opinion, sow discord, or foster distrust leading to social, political, and economic disruptions. It is therefore important to have regulations around applications of AI.
Although there will be some workforce displacement due to AI but at the same time new jobs will be created too to develop, maintain and secure AI systems. Regulations surely can strike a balance between fostering AI innovation and safeguarding the interests of the workforce.
6 With AI evolving rapidly, do you believe current regulations adequately address the potential risks and ethical concerns surrounding AI in cybersecurity? Why or why not?
Current regulations may not sufficiently address the potential risks and ethical concerns posed by the evolving AI in cybersecurity. This is primarily due to the lack of specificity in existing regulations, the rapid pace of technological advancements, and the interdisciplinary nature of AI and cybersecurity. The language and scope of current regulations may not comprehensively cover the unique challenges of AI-driven cyber threats. Moreover, the rapid evolution of AI technology often outpaces the development of regulations, making it difficult to keep up with emerging AI-enabled risks.
7 What, in your view, should be the key elements of AI regulation in the context of cybersecurity? Are there any specific principles or guidelines that should be implemented?
It is crucial for regulations to address some key elements to promote responsible and secure use of AI in cybersecurity while considering jurisdiction-specific requirements and industry dynamics.
These regulations should emphasize the need for transparency and explainability in AI systems, ensure the data privacy, promote ethical use of AI and prohibit misuse, establish accountability and liability frameworks, require independent audits, involve human oversight, encourage collaboration and information sharing, and training users so that they are equipped to use AI systems safely and responsibly.