Cyber Security Protection in the Age of AI

Why is AI a key component of Cyber Security?

It’s a commonly recognized fact that there's a shortage of cyber security professionals in the world. A recent report published by Cybersecurity Ventures predicted there will be 3.5 million unfilled positions in this profession by 2025.¹

Technology and connectivity are rapidly progressing, increasing the number of endpoints that need to be monitored– whether it’s robotic machinery on the manufacturing floor or a smart thermostat. There are more endpoints from Internet of Things (IoT) devices alone than there are people in the world, with the number expected to reach 16.7 billion this year.²

In the face of those figures, it‘s necessary to address cyber security with the assistance of artificial intelligence (AI).

AI and its branch of machine learning have the ability to digest vast amounts of data in fractions of a second, recognize patterns and adjust its algorithms without human intervention. Your organization likely already uses AI through next-generation anti-virus email filtering and access management.

At the same time, AI is being used by cybercriminals as it becomes more advanced and accessible. They're using it the same way the rest of the world does – to improve upon what they’re already doing. 

Mandiant’s M-Trends 2023 Report identified phishing as the number two attack vector, which accounted for 22% of cases –  a 10-point increase from 2021.³ With AI, cybercriminals are developing increasingly covert phishing emails. Typically, phishing emails include red flags such as poor grammar, spelling or phrasing. By utilizing AI, cybercriminals can remove these flags by mimicking natural language patterns in text, making the attack tougher to detect by the recipient. This communication is not limited to speech. It also generates video and voice audio.

While new investments in AI need to continue in order to keep pace with cybercriminals, there’s also room to keep it simple.  

• External flagging: This can be enabled on the most commonly used email programs, if it’s not already incorporated by default. Businesses can train employees to recognize that phishing attacks come from external sources. So even if it appears the email is coming from a coworker, the external flag reminds the reader that caution is required.
•  Frequent security awareness training: Awareness training should be prioritized and frequent. The Canadian Internet Registration Authority (CIRA) recommends workplaces consider more frequent training.⁴ As AI advances, increasing this frequency to maintain organizational awareness may be in order.  The goal is to have cyber security become second nature.
• Regular phishing campaigns: The only way for a new skill to become second nature is through practice. IT teams can send fake phishing emails on a quarterly basis to train employees to stay vigilant and practice their cyber security skills. Tracking responses provides the organization with insight on their training's program effectiveness and an opportunity to offer respectful remedial training to individual staff members. With cyber security, learning the hard way is simply too costly.
• Data Privacy and Records Management Machine learning requires data to work – and the more, the better. Regularly review your business practices, policies and disclosures surrounding what information is gathered, how it’s gathered and what it’s used for with appropriate experts.

As AI continues to develop quickly, it’s even more important for organizations to ensure they’re reviewing and testing their cyber security defences and equipping their staff with best practices.

[1] Cybersecurity Jobs Report: 3.5 Million Unfilled Positions In 2025 (cybersecurityventures.com)

[2] Number of connected IoT devices growing 16% to 16.7 billion globally (iot-analytics.com)

[3] M-Trends 2023 (mandiant.com/m-trends)

[4] How often should you conduct cybersecurity awareness training? (2021)