AI in cybersecurity: business strategy to boost resilience

Advancements in artificial intelligence in the past 18 months have turned the technology into a powerful tool for business – of that there is little doubt. Where there is uncertainty is how exactly to utilise AI to make the most of the opportunities it presents.

On a darker note, such a powerful tool can also be used against organisations by those compelled to do so, especially when it comes to cyber attacks.

Our increased reliance on all-things digital – including critical industries like energy, utilities, and finance – has created a fertile hunting ground for cyber criminals, and AI is the latest weapon in their arsenal. 

This is especially true in the Middle East, with sophisticated attacks aimed at both the public and private sectors in recent years.

The Middle East, in particular the United Arab Emirates (UAE) and the Kingdom of Saudi Arabia (KSA), is a prime target for cyberattacks due to the region’s geopolitical importance and its role in finance, energy, and technology,” says Ziad Nasr, General Manager at Acronis ME, a global leader in cyber protection.

“According to our mid-year cyberthreat report, ransomware remains the dominant risk to businesses in the region, while data stealers – an emerging threat that leverages stolen credentials to gain unauthorised access to sensitive information – are gaining growing prominence.”

“However, while proficiency in mitigating cyber threats varies across organisations, the region has made significant strides in bolstering its cybersecurity posture. On its part, the UAE has made meaningful strides to mitigate existing and emerging cyber threats.”

One of those significant strides was the formation of the UAE Cybersecurity Council which has developed a cybersecurity strategy and built a secure cyber infrastructure by creating laws and regulations while also ensuring timely response capabilities to fight cybercrime. 

In KSA, Saudi’s Vision 2030 embeds the concept of digital transformation via technology, with cybersecurity essential to that success.

Measures from governments will help to contain threats as more organisations integrate effective solutions and invest heavily in cyber protection strategies. And right now, they are investing in AI.

According to new research by Censuswide, commissioned by Palo Alto Networks, 95% of UAE organisations plan to increase investment in AI technologies to improve their cybersecurity strategy, with 81% seeing AI as an important enabler for their organisation’s overall approach to cybersecurity. 

“By incorporating AI into their cybersecurity strategies, organisations in the UAE and regionally can improve their ability to defend against a wide range of cyber threats, reduce response times, and gain better visibility into their security posture – combined with other best cybersecurity practices such as employee training, strong policies, and a layered security approach,” says Ercan Aydin, Regional Vice President at Palo Alto Networks, Middle East and Africa (MEA).

“This technology brings many benefits when it comes to identifying patterns to indicate potential threats before an attack occurs and increasing efficiency by automating repetitive and time-consuming tasks.”

AI not a silver bullet

Dr Aloysius Cheang, Chief Security Officer, Huawei Middle East & Central Asia, agrees that AI can be the key to unlocking the value of cybersecurity in terms of providing real business benefits, providing an ‘extra leg up against your competitors’. However, he also says AI in isolation is not a silver bullet.

“We must not overplay the importance of AI,” warns Cheang. “Yes, it is important in the overall strategy of any products, but it stays there as a feature rather than as a means to an end.

“In the case of cybersecurity, AI helps to alleviate the need to eyeball the immense data, logs and other data coming into your dashboard, all screaming for your attention. 

“AI is probably a tool that can move our industry to the next level, if cybersecurity is truly going to be providing companies with business competitive advantage – safeguarding them through treacherous waters that we are facing today.”

Nasr prefers to describe AI as a ‘transformative game-changer’ in the ongoing battle against cyber criminals, pointing to its ability to analyse vast amounts of data and identify patterns that humans would simply not notice.

“It’s no secret that today AI augments the capabilities of security professionals by automating routine tasks and enabling more accurate threat identification,” says Nasr. “This, in turn, has greatly helped organisations make it considerably more challenging for cyber criminals to breach their cybersecurity defences. 

“But even as the use of AI in cybersecurity continues to evolve, cybercriminals are also leveraging AI to enhance their attacks. This has led to the accelerated development of defensive AI, which helps to combat the ever-evolving threats posed by cybercriminals.”

Generative AI, in particular, enables attackers to create highly realistic and adaptive attack vectors, posing new and evolving challenges for cybersecurity professionals. For instance, threat actors can exploit AI to generate deep fakes – images, videos, or audio files designed to look and sound real. These can be used to deceive individuals or organisations, spread misinformation, or commit fraud.

“To mitigate these risks, companies must adopt a multi-pronged approach,” adds Nasr. “This includes investing in AI-driven threat detection and prevention tools, employing advanced AI security measures, and continuously updating and refining their cybersecurity strategies.”

While AI and Gen AI have the potential to bring about significant benefits to businesses on a global scale, their subsequent adoption also increases the risk of attacks and other security issues. This is why AI can be considered a double-edged sword. 

“Since its development, AI has had the potential to greatly improve efficiency, accuracy, and convenience in a wide range of applications,” says Nasr. “But while it offers significant advantages, the adoption of Gen AI and other advanced technologies is also empowering cybercriminals to develop more sophisticated and evasive threats.”

In a typical day using AI, Palo Alto Networks analyses 1.5 million new attacks that have never been seen before. These new insights, combined with the company’s existing landscape, help them block 8.6 billion attacks across their customer base every day.

“Today’s threat actors are using AI and automation to launch sophisticated, large-scale cyberattacks, particularly in complex, borderless IT environments like multicloud,” says Aydin. 

“Attacks are increasing in sophistication, and hackers are using more automated toolchains, which means a rapidly evolving threat landscape.

“With security operations, there is never just one problem that needs to be solved, but rather a series of problems. With AI and ML helping to improve automation and remove manual processes across security operations, it is made possible to prevent more risks from becoming security incidents.”

And that is really the main goal – not necessarily to prevent attacks, or attempted attacks, but to minimise the impact of any breaches and reduce risk.

Changing role of the CISO

AI is changing the landscape of cybersecurity leadership. It’s now becoming a must for Chief Information Security Officers (CISOs) to have a more comprehensive set of skills and knowledge to enable them to deal with emerging cybersecurity threats. 

“It's not just about having technical expertise but having a broader understanding of how AI can be leveraged and strategically deployed to enhance security and manage evolving risks,” says Nasr.

“In terms of redefining the organisational structure, it may also be necessary to ensure that AI experts are in sync with security teams and across all functions – both internally and externally. This involves creating dedicated AI teams within the organisation or integrating AI experts into existing security teams.”

In this new paradigm, Nasr says that AI becomes integral to cybersecurity leadership, requiring CISOs to not only be experts in traditional security but also well-versed in AI technologies and their applications.

The survey from Censuswide found 69% of CEOs said that cybersecurity is a board-level issue within their organisation, and 39% said they are accountable with the CIO for ensuring their organisation is protected against cyberattacks.

Cheang believes that attitudes need to change at the executive management level, at the board level, and how they view AI and cybersecurity.

“It should be a holistic, wholesome strategy, truly incorporating AI and cybersecurity at all levels, as a corporate strategy,” says Cheang. 

“But before doing that, if the company intends to pursue AI as a core strategy, I would recommend setting up the boundaries first. I am referring to the ethical usage of AI – there should be some 10 Commandments of some sort with regard to how you are going to utlise AI and what would be its acceptable usage – what are the checks and balances the company should put in place.”

We only have to rewind recent memory to see unprecedented events and advancements in technology that have changed how we live and do business today. The digitalisation of our world may have given birth to cyber crime, but AI could provide an essential deterrent and armour against these attacks.

After all, when 95% of cyber breaches are caused by human error (according to a recent IBM Cyber Security Intelligence Index Report), then surely an artificial intelligence solution could not fare any worse?