Don’t bring a knife to a gunfight
In other parts of the enterprise, many organizations may choose to go slow on AI, but in cybersecurity there’s no holding back: Attackers will use AI, so defenders will have to use it too. If an organization’s IT department or cybersecurity provider isn’t already using AI, it has to start thinking immediately about AI’s short- and long-term security applications. Sample use cases include distributed denial of service (DDOS) pattern recognition, prioritization of log alerts for escalation and investigation, and risk-based authentication.
Cybersecurity may speed up AI’s acceptance
Since even AI-wary organizations will have to use AI for cybersecurity, cyberdefense will be many enterprises’ first experience with AI. We see this fostering familiarity with AI and willingness to use it elsewhere. A further spur to AI acceptance will come from its hunger for data: The greater AI’s presence and access to data throughout an organization, the better it can defend against cyberthreats. Some organizations are already building out on-premise and cloud-based “threat lakes,” that will enable AI capabilities.
An AI hack may increase public fears
Many people are already nervous about AI. Even more are concerned about cybersecurity. It’s possible that when AI makes headlines this year, it won’t be for helping humanity—but for having enabled a major hack. Better cybersecurity can mitigate this risk. Besides developing feature sets for AI capabilities, this heightened security will require companies to augment the data and compute platforms that support advanced analytics with privileged access monitoring, object-level change management, source code reviews, and expanded cybersecurity controls, among other precautions.
