How AI Can Transform Cybersecurity in the Current Year – Spiceworks
From enhanced social engineering tactics to AI-driven PCs, delve into the ways AI is reshaping the cybersecurity landscape this year.
Ian Pratt
Head of Security Worldwide, Personal Systems, HP Inc
Dr. Ian Pratt, the head of security globally at HP, elucidates how recent progressions in AI are evolving into crucial instruments for detecting, responding to, and exploiting threats.
Recent strides in AI offer both cybersecurity defenders and malicious actors novel tools and capabilities. Malevolent entities have already begun exploring the potential of AI to escalate attacks, targeting enterprises with a fresh wave of rapid threats. Nevertheless, AI can also be leveraged for positive purposes – empowering security teams to fortify threat identification and streamline response efforts. This development is particularly timely, given the reported global demand for four million cybersecurity professionals.
This year, the prominence of AI and its influence on cybersecurity are expected to grow, enhancing phishing schemes, pinpointing vulnerabilities in defenses, and diminishing the time required to counteract and counter assaults. Additionally, cybersecurity teams will prioritize AI utilization by gearing up for the emerging wave of AI-infused threats and leveraging this technology to their benefit.
Three Key Ways AI Will Influence the Cybersecurity Arena
1. Amplified Impact of AI on Social Engineering
Cybercriminals will harness AI to amplify social engineering assaults on an unprecedented scale, generating persuasive and hard-to-detect phishing baits swiftly. These baits are likely to be highly plausible, as cybercriminals automate tailored lures using data sourced from social platforms or compromised mail accounts. Consequently, these lures will pose a significant challenge for employees to discern – even post phishing awareness training. Attackers will also utilize AI to fabricate lures in less common languages, heightening their authenticity.
Anticipate a surge in large-scale AI-generated campaigns coinciding with significant events. For example, 2024 is poised to witness a record number of individuals participating in elections. Through AI, cybercriminals can craft localized baits targeting specific regions effortlessly. Likewise, annual events like year-end tax submissions, major sporting events such as the Paris Olympics and UEFA Euro 2024, and retail extravaganzas like Black Friday and Singles’ Day will serve as prime opportunities for cybercriminals to deceive users.
Given that counterfeit emails closely resemble authentic ones, organizations must not solely rely on employee education. To counter AI-fueled social engineering assaults, entities must establish a virtual safety net for their users. Micro-virtualization entails creating disposable virtual environments isolated from the PC’s operating system, ensuring protection even if users inadvertently interact with malicious content.
2. Integration of Local Large Language Models (LLMs)
LLMs are slated to be integrated into PCs this year, ushering in an era of ‘AI PCs’ that revolutionize user-device interactions. These LLMs will enhance user efficiency and productivity while offering several security and privacy advantages by leveraging AI independently of the web. These personalized assistants and chatbots will mitigate the security risks associated with transmitting and storing personal data in the cloud. However, with the accumulation of additional data by these local models, endpoints will become prime targets for threat actors.
As organizations adopt LLM chatbots to enhance convenience, security teams will face the challenge of safeguarding yet another system. These chatbots could serve as gateways to previously inaccessible data. By utilizing targeted prompts to deceive corporate chatbots and bypass controls, threat actors could manipulate corporate LLMs to access confidential information.
3. AI Eases Access to Firmware and Hardware Attacks
Advancements in cybersecurity technologies will heighten the difficulty for attackers seeking to breach systems and evade detection. However, with AI placing potent technology within reach, sophisticated capabilities will become more accessible. This accessibility will empower attackers to innovate and escalate attacks targeting firmware and hardware layers, where daily visibility for security teams is limited. Historically, infiltrating the operating system (OS) necessitated extensive technical expertise. Nonetheless, AI will democratize attacks aimed at lower technology stack levels.
Anticipate a surge in advanced cyber assaults that are intricate to detect and inflict severe damage. Cyber incidents will surge as attackers utilize AI to pinpoint and exploit vulnerabilities, establishing a foothold beneath the OS. To counter this trend, organizations must intensify investments in hardware and firmware security.
A New Chapter in Cybersecurity
AI is poised to revolutionize the threat landscape significantly. Nonetheless, there is an equal opportunity for security teams to harness AI to bolster threat identification and response capabilities, alleviating the burden on security personnel. AI co-pilots will aid in safeguarding users by automating scans to identify targeted phishing baits designed to deceive employees into initiating financial transactions or divulging sensitive information.
The advent of AI-powered PCs in 2024 will yield substantial security benefits, enabling users to leverage AI securely on devices without the risk of data transmission and storage in the cloud. These devices will introduce an additional layer of data privacy, such as automatically securing an unattended device or activating a privacy screen when under surveillance.
To leverage AI securely to their advantage, organizations must adopt an integrated security approach that prioritizes protection over detection and implements zero-trust principles. Collaborating with reputable AI security providers will empower customers to maximize AI benefits while safeguarding against emerging security and privacy threats.
What novel AI security measures has your organization implemented to mitigate cybersecurity risks? Share your insights on Facebook, X, and LinkedIn. We look forward to your contributions!
Further Insights on AI in Cybersecurity
Ian has dedicated his career to bridging the gap between industry and academia, pioneering new technologies and bringing them to the market. He served as a tenured faculty member at the University of Cambridge, leading the esteemed Systems Research Group for over nine years. Ian has founded three successful technology firms specializing in networking hardware, virtualization/cloud, and cybersecurity. Nemesys Research developed hardware for transmitting high-quality audio and video over data networks, later acquired by FORE Systems in 1997.
In 1999, Ian spearheaded the XenoServers research initiative, culminating in the creation of the Xen hypervisor and the inaugural infrastructure as a service Cloud platform. Subsequently, Ian co-founded XenSource in 2003 to develop enterprise-class virtualization products based on Xen, fostering the growth of the open-source community around Xen and facilitating its adoption by prominent entities like Amazon, HP, Intel, IBM, Google, Sun, and other vendors. Citrix acquired XenSource in 2007 for $500M, where Ian assumed the role of Vice President for Advanced Products and CTO.
In 2011, Ian co-founded Bromium, a cybersecurity company that pioneered a revolutionary endpoint security approach grounded in virtualization, boasting over 65 patents. Bromium’s innovative methodology delivered significantly higher efficacy compared to traditional approaches. HP Inc acquired Bromium in 2019, with Ian at the helm of the personal systems security business unit. Ian holds a PhD in Computer Science, is a Fellow of the Institute of Engineering and Technology, and a Fellow of the Royal Academy of Engineering, where he was honored with the Academy’s Silver Medal in 2009.
