Navigating Cybersecurity in the AI Era: How CIOs can Build Cyber Resilience
By: Adel El -Ansary, Senior Regional Pre-Sales Manager, Egypt, Libya & Levant, Dell Technologies.
Generative AI (GenAI) in the cybersecurity landscape is a double-edged sword. While it can be a powerful tool in protecting IT environments, it also introduces new challenges for businesses as cybercriminals use it to create and engage new attack vectors. As GenAI continues to evolve and develop, so does its impact – for both cybersecurity and cybercrime.
IT leaders are keenly aware of the capabilities of GenAI to both enforce and attack their systems – according to our Global Data Protection Index (GDPI) report, 53% of respondents believe GenAI will provide an advantage to their organization’s cybersecurity posture while 27% feel GenAI will initially provide an advantage to cyber criminals.
There is no doubt that GenAI will have a significant impact on the cyber threat landscape and future requirements of data protection, and cybersecurity vendors are already looking at how it can future-proof their suite of security. In fact, the global AI in cybersecurity market is anticipated to grow to $60.6 billion by 2028. The advancements in GenAI mean the landscape is undergoing a rapid change, so CIOs and security leaders need to act quickly to introduce GenAI into their cybersecurity arsenal, or risk being overwhelmed by a tidal wave of GenAI-fueled cyber-crime.
Clearly the stakes are high, so how can CIOs unlock the value of GenAI to fortify their cybersecurity strategy?
Understanding GenAI augmented attacks and removing implicit trust
To champion GenAI as a power source for cybersecurity and not cybercriminals, an important part of a CIO’s strategy must be to understand how cyberattacks are implemented and strengthened with GenAI, from the device level to the data and user.
Traditional methods of preventative cybersecurity have largely focused on a ‘perimeter-centric’ approach, using a security framework based on the ‘trusted known’ inside the perimeter (employees, partners) and the ‘untrusted unknown’ outside the perimeter (hackers and other bad actors). However, increasingly sophisticated human engineering methods, enhanced by GenAI, such as phishing e-mails and deepfakes, let bad actors enter the network under the guise of a ‘trusted known’ and access an organization’s entire system.
Removing implicit trust with a Zero Trust model can prevent successful hackers from further infiltrating a business network and implementing machine learning (ML) models into such architectures will enhance their ability to detect anomalies and potential threats in real-time. For example, an employee accessing e-mails may be prompted to complete a two-factor authentication step to regain access after a certain time, meaning any user can be individually denied access to the designated system in real-time.
By continuously monitoring user behavior and network activity, GenAI-driven Zero Trust models strengthen the overall security posture of an organization, ensuring that access privileges are dynamically adjusted based on real-time risk assessments.
Using GenAI to mitigate potential attacks and strengthen incident response and recovery
GenAI and automation in cybersecurity goes beyond rule-based systems, offering adaptive and predictive capabilities. With GenAI continuously learning by analyzing vast amounts of security data, and ML algorithms identifying anomalous behavior and predicting potential threats in real-time, cybersecurity teams can be proactive in their responses to threats. When GenAI detects anomalies in network traffic or suspicious email content, it can learn about the threat type to predict future threats and identify vulnerabilities.
CIOs need to understand, however, that this is not a bullet proof solution, and cyberattacks can still happen. But if one is successful, AI-driven automation can mitigate its impact. By streamlining threat detection and response, AI automation enables faster and more comprehensive disaster recovery which lessens the negative effects. AI and ML tools can provide organizations with the assurance that they can quickly and confidently recover their most critical data and systems after a cyberattack and resume normal operations. This is achieved by detecting, diagnosing and accelerating data recovery within the security of a Cyber Recovery vault – an isolated repository of all essential business data and systems.
According to our GDPI research, 74% of organizations surveyed believe their existing data protection measures cannot cope with ransomware threats and 65% are not confident they could reliably recover from a destructive cyberattack. CIOs should leverage AI-driven analytics to enhance incident response capabilities, enabling quicker identification of the source and scope of a breach and expediting the recovery process.
Educating teams for a vigilant workforce
When it comes to human engineering and fraud-based attacks, employees are one of the most powerful lines of defense. Human error is a leading cause of cybersecurity incidents and IT leaders and CIOs must invest in comprehensive cybersecurity training programs to equip employees with the knowledge and skills necessary to identify and respond to potential threats. This includes tips in spotting GenAI-powered fraud attempts. Conversely, GenAI can also be used within the organization to enhance employee training, as businesses can personalize modules, drawing on an employees’ role, past behaviors and the common threats they may face.
As the GenAI era unfolds, the symbiotic relationship between AI and cybersecurity will continue to evolve. In the face of ever-changing threats, CIOs and other IT leaders must embrace the promise of GenAI’s potential while countering the threats it might engender. As we navigate this complex terrain, businesses will need to utilize technology, people and process to foster organization-wide cyber resilience.
