Share this article on:
Artificial intelligence has sparked a wave of excitement within the cyber security industry, holding the promise of revolutionising how we tackle cyber crises, breaches, and ransomware attacks.
However, to understand its future possibilities, we must also have a realistic understanding of AI’s capabilities and limitations and shed more light on the challenges hindering its immediate transformative impact in cyber security.
We need to explore the limitations of AI in addressing cyber security challenges while highlighting the role of technology in empowering resilience and data-driven security practices.
One of the key limitations of AI in cyber security lies in the accuracy of its output. While AI systems, such as generative pre-trained transformers like ChatGPT, can generate text that aligns with the current trends on the internet, their responses are not always accurate or reliable.
AI systems excel at producing plausible-sounding answers, but they often struggle to provide precise and trustworthy solutions. Relying solely on unfiltered AI output can be dangerous, considering the abundance of misinformation on the internet that forms the training material for these AIs.
Recovering from a cyber attack often involves a complex series of actions across multiple systems, as IT teams undertake various tasks to restore security and mitigate the damage caused. Entrusting the recovery process to an AI system would require immense trust in its reliability.
The current state of AI technology, however, is not robust enough to handle the multitude of actions required for effective cyber attack recovery. Directly connecting general-purpose AI systems to critical operations in cyber security is a significant challenge that necessitates substantial development and testing.
It is also important to distinguish between general knowledge and general intelligence when considering the capabilities of AI systems. While AI systems like ChatGPT excel at providing general knowledge and generating text, they lack general intelligence. These systems may be able to extrapolate answers based on previously encountered information, but they lack the problem-solving capabilities associated with true general intelligence.
Furthermore, while interacting with AI systems via text may appear effective to humans, it does not align with the way we need to interface with most technology products. Consequently, current generative AI systems are limited in their usefulness for solving and automating sophisticated IT and security problems.
It’s important to emphasise that AI should be viewed as a step in the evolution of security, rather than a complete revolution. It plays a role in enhancing security practices but should not replace human involvement and decision making entirely.
The dark side of AI also means organisations will need to counter AI-driven cyber attacks. To combat evolving cyber threats, organisations must equip themselves with tools that allow them to collect and analyse data from both compromised and uncompromised endpoints. This data is vital for security teams to gain insights, detect anomalies, and develop proactive strategies, whether using AI or not. They can do this by establishing universal reach to edge machines, such as employees’ devices, where security incidents occur. Resilient connections to these edge machines are crucial for collecting high-quality data, even during an attack.
By providing resilient connectivity, we provide organisations with the tools they need to maintain resilience in the face of cyber threats. By enabling the collection of information back to a central place, IT teams have the necessary data to learn and enhance their security posture. With our focus on resilient connectivity, we enable organisations to collect and learn from endpoint data effectively.
While AI holds significant promise for transforming the way security and IT teams handle cyber crises, breaches, and ransomware attacks, its current limitations prevent its immediate widespread adoption. Accuracy challenges and the complexity of recovery actions require further advancements in AI technology.
However, organisations can leverage AI in their cyber security strategies by focusing on resilient connectivity and data-driven security practices.
As AI technology continues to evolve, we are committed to providing resilient tools and empowering customers with the necessary data in what continues to be a rapidly changing cyber security landscape. It is crucial for organisations to understand that AI is not a complete solution, but rather a valuable tool that can enhance security practices when used in conjunction with human involvement and decision making.
Undoubtedly, as the cyber security landscape evolves, AI technology will continue to advance and address its current limitations. However, until then, organisations should approach AI with caution, ensuring they rely on verified and accurate information while using its capabilities to augment their security strategies.
While AI holds immense potential for revolutionising cyber security, it’s important that limitations be acknowledged. Accuracy challenges, the complexity of recovery actions, and the distinction between general knowledge and general intelligence hinder its immediate widespread adoption. Nonetheless, organisations can leverage AI by focusing on resilient connectivity and data-driven security practices.
Nicko van Someren is CTO at Absolute Software