By Konstantin Berlin Head of AI at Sophos

The progress of artificial intelligence (AI) in recent years has been most dazzling. With new technological advances, AI is now at the heart of the current technological landscape. According to a survey conducted by Gartner, investment in AI software products is expected to reach $62 billion in 2022 – only a tiny fraction of its potential.

As AI capabilities gain accessibility and allow cybersecurity specialists to use them as defense tools, malicious actors are also taking advantage of this democratized access. In order to thwart potential cyberattacks and better protect businesses and individuals against cyberthreats, security players are closely monitoring developments in AI and measuring its influence on cybersecurity.

Defenders Do Not Have a Monopoly on Innovations

Ten years ago, no one would have imagined seeing AI solutions reach such a level of complexity and sophistication, let alone seeing them grow so large within current technological solutions. According to Gartner’s predictions of the next major technological developments, generative AI is expected to drive 10% of all data generated by 2025, up from just 1% today. The increased integration of machine learning (ML) as well as the democratized accessibility of AI solutions to the general public clearly contributes to this trend, which will intensify over the years.

The progression related to deep neural networks has a direct influence on advances in AI. It is particularly interesting to refer to the AlphaFold solution developed by Google DeepMind, which makes it possible to predict the three-dimensional structure of proteins according to their amino acid sequences. These neural networks are also used to produce source code. Additionally, through research by Google and OpenAI, it has been shown that it is possible to generate source code from natural language information, giving developers easy access to AI programming. However, this ease of access also makes cyberattacks able to take advantage of it. This could very well lead to new malicious techniques, such as the automated production of malware at a lower cost.

In addition, new weapons related to the capabilities of neural networks – such as the creation of false images or false textual content, which are constantly gaining in realism and credibility – complete the potential arsenal of opponents for the generation of attacks. “by watering-hole” (or watering-hole in English). These attacks, which use Internet content or employ techniques such as phishing, could subsequently allow cyberattackers to deceive the vigilance of certain security measures. It should therefore be kept in mind that, even if the great technological advances and all the capacities related to AI open the way to new perspectives concerning automatic programming and deep learning, their accessible nature can generate new threats still more virulent.

Cybersecurity is Bound to Evolve

In order to counter these threats, incorporating AI into cybersecurity strategies has become both an essential act, but also a major issue for data protection. Today, neural networks have accelerated their learning capabilities and are now able to solve problems that were once called “insurmountable”. By combining these networks with the use of supercomputers equipped with unparalleled computing power – such as the Research SuperCluster (RSC), the launch of which was recently announced by Meta -, new perspectives applicable to cybersecurity should soon emerge. . As a result, specialists are focusing more on these perspectives related to AI, on the one hand to be able to provide better protection against these hypothetical new threats, and on the other hand to develop new tools capable of exploiting the potential yet unknown to AI.

If security vendors want to stave off competition and stay ahead of the market, it is essential that they focus on developing new ML applications on two fronts. First, user-oriented ML: applied to security, it will make it possible to design products that can prioritize security alerts and advise security policies adapted to the situation. This will increase the efficiency of security personnel. Second, the exploitation of neural networks: in order to solve problems once perceived as insurmountable and still managed by humans – such as the automatic identification of vulnerabilities or the automated installation of patches -, exploiting these networks would allow companies to achieve savings on application development.