Using AI in cyber defenses

Cyber security and AI – A whirlwind merger

In today's rapidly evolving digital landscape, the intersection of cyber security and artificial intelligence (AI) presents both unprecedented challenges and opportunities. As I go through my daily activities of meeting and discussing with clients, this topic comes up almost without fail. As organizations increasingly rely on AI systems to streamline operations and make informed decisions, it becomes crucial to safeguard these technologies from malicious actors seeking to exploit vulnerabilities.

One of the key challenges posed by the emergence of AI into the cyber security landscape is the enhanced sophistication of cyber threats themselves. AI algorithms excel at pattern recognition, allowing them to identify and exploit weaknesses in traditional security measures. This necessitates a proactive approach to cyber security, where organizations must constantly adapt and update their defense mechanisms to stay one step ahead of evolving threats.

A layered approach using AI

I, for one, have always leaned toward a “layered approach” to cyber security. In my years inhabiting “the chair” as a director of information security, I had a firm design standard that required my teams to build as many roadblocks for threat actors to encounter as they could while not, of course, causing performance to suffer. In the age of AI, I believe this will become even more critical. Organizations should focus on implementing robust and multi-layered security measures. This entails bolstering perimeter security with advanced firewalls, intrusion detection systems, and next-generation antivirus software or, as perhaps a more forward-thinking approach, deploying an integrated WAN/Zero Trust strategy such as that provided by Cloudflare. Additionally, organizations must invest in AI-powered security tools that can detect and respond to threats in real time, leveraging machine learning algorithms to identify anomalies and predict potential cyber-attacks.

In the realm of threat intelligence, AI plays a pivotal role in analyzing vast amounts of data to identify patterns and discern potential security risks. Machine learning algorithms can trawl through large datasets to spot and investigate unusual activities, thereby facilitating the timely identification of potential threats. By leveraging AI in threat intelligence, organizations can more quickly move to defend and perhaps even proactively predict cyber attacks by understanding where their areas of greatest risk are.

Furthermore, organizations and cyber security professionals must embrace the concept of adaptive defenses. Traditionally, cyber security relied on static defenses that were often bypassed by innovative attack techniques. With AI, defenses can adapt in real time by analyzing data, identifying patterns, and enhancing policies to mitigate emerging threats. This dynamic approach enables organizations to quickly respond to evolving attack methods and plug vulnerabilities before they are exploited.

When it comes to starting a journey to greater use of defensive AI in our data environments, one of the largest and most vulnerable security surfaces is email. When I began my career in 1999 (it’s been a minute), email security was nothing more than scanning the contents of the inboxes using techniques very similar to those used for scanning the local drive for viruses with an “AV” solution. To say we’re way beyond that now doesn’t begin to cover the reality. Due to things like the incredible rise of business email compromise (BEC), we now must analyze behavior, context, and even the very use of language! It takes very sophisticated language models to have a chance at identifying and stopping these threats. Given that email is the most widely used application in business or communications of any sort, it only makes sense that a solid, forward-thinking approach to implementing defensive AI starts here. A great “real-world” example of this starting point was Cloudflare’s engagement with Werner Enterprises in the deployment of preemptive email security that identified over 1,700 threatening emails that Werner’s previous email security solution missed in the first 2 weeks. For Michael Perdunn, Director of Cyber Security at Werner Enterprises, it was an excellent way to begin the march towards greater use of defensive AI without greater complexity.

Privacy and misuse?

However, even with the positives of adding AI into our defensive security philosophy, one of my greatest concerns with the implementation of AI in cyber security is the ethical questions that immediately arise. Privacy concerns and potential misuse of AI-powered surveillance systems are areas that require careful consideration. Organizations must ensure that their use of AI in cyber security adheres to legal and ethical frameworks and prioritizes user privacy. Additionally, cyber security professionals must be vigilant in monitoring AI systems, as the possibility of attackers exploiting AI algorithms for nefarious purposes cannot be ignored. Also, there is a possibility, however small, of misuse by an “insider” who has opted to use the power of AI systems for their own means, whether that is for greater knowledge of company issues or, worst case scenario, to do real damage to the company.

Immense opportunity, but proceed with caution

In conclusion, the convergence of cyber security and AI presents immense opportunities for organizations to fortify their defenses and stay ahead of cyber threats. By combining AI-powered security tools, adaptive defenses, and ethical considerations, organizations can leverage the advantages of AI while mitigating potential risks. As the cyber threat landscape continues to evolve, a proactive and AI-driven approach to cyber security is necessary for safeguarding critical assets and maintaining business continuity. HOWEVER, we must use this approach with a measure of wisdom and discernment as well. Stay safe out there…

This article is part of a series on the latest trends and topics impacting today’s technology decision-makers.


Scott Harris — @ssharris1
Principal Solutions Engineer, Cloudflare

Key takeaways

After reading this article you will be able to understand:

  • The sophistication of threats warrants new security methods

  • Cyber defenses can adapt in real time when using AI

  • How to integrate defensive AI into email as a starting point
