noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

News

Ministry of Transport of the[...]

Certificate of Entitlement (COEs) Quota for August 2024 to October 2024
Hengxin Technology Ltd.

DISCLOSEABLE TRANSACTION - SUBSCRIPTION OF WEALTH MANAGEMENT PRODUCTS
Ministry of Foreign Affairs of the[...]

Visit by President Tharman Shanmugaratnam to the French Republic for[...]

Technology

Mimecast Limited

23/07/2024 | News release | Distributed by Public on 24/07/2024 01:00

The Benefits and Dangers of AI in Cybersecurity

With attacks growing in speed, scale, and complexity every single day, there's a myth emerging that AI is the end-all be-all for keeping communications, people, and data secure. The hope that people have for AI is understandable - it represents a lifeline for IT and security teams that face limited resources, increasing complexity, and growing risk. But the actual truth is more subtle. There's no question that AI is essential to a modern cyber defense strategy, but like every new security innovation, it is just a tool.

Benefits

Despite the complex algorithms under the hood, the benefits of AI are straightforward and easy to articulate. AI:

Processes vast amounts of data - much more than humans can.
Processes information far faster than any human.
Makes "smarter" decisions over time because it learns with help from data scientists to monitor and retrain the models as needed.
Can simplify and/or automate some tasks.

Applied to cybersecurity, where a few extra minutes of response time can mean the difference between a blocked attack and disastrous breach, those benefits can create tremendous value.

The Impact of Generative AI

Generative AI is not a new topic, but the introduction of ChatGPT in late 2022 unquestionably changed the conversation forever. With broad-based access to such a powerful tool available to anyone, experimentation exploded, as did the fears of what generative AI might ultimately be able to do in the wrong hands. And while ChatGPT has safeguards built in, there are already variants for sale on the dark web that are designed specifically to support malicious purposes.

One of the primary use cases for bad actors is using generative AI to create more realistic phishing emails and to do so at scale - no more spelling or grammatical errors, no more typos and tell-tale stilted language, and support for multiple languages to attack regions not previously accessible to cybercriminals who do not speak their target's local language.

While little is yet known about how broadly generative AI is being used to create phishing emails and whether humans or AI can consistently detect AI-generated emails, it's clear that the number of phishing attacks continues to grow with 98% being delivered through email.

AI Cybersecurity Applications

So, how can organizations use AI to combat the use of AI by cybercriminals? Cybersecurity has always been about making high-stakes choices such as what should be let through, what should be blocked, and what risks should be taken. The use of AI by both sides in this fight doesn't change these questions, but when used wisely, AI can help answer them.

Organizations need to seek out vendors that have a history of being at the forefront when it comes to new technologies and strategies for defending against relentless adversaries like cybercriminals. A top vendor's solutions will layer AI into its solutions, wherever the technology is the right choice to maximize customer defenses, neutralize more threats, and take pressure off security teams.

The right vendor will level with you and tell you that AI is not a panacea, but just one important part of what needs to be a diverse and well-rounded cybersecurity strategy. That vendor's detection stack should apply the right inspections at the right time, with AI algorithms working alongside proven technologies that have been continuously improved over the course of a long history.

The right vendor should work with customers to combine dozens of different approaches, augmented by AI, to yield industry-leading security efficacy.

AI and machine learning techniques are not magic. Ultimately, they are tools to help solve problems. The key to their safe and effective use in cybersecurity is the correct application informed by knowledgeable individuals and good quality data.

Large language models and natural language processing techniques have evolved, and this has supported the creation of more sophisticated attacks by cybercriminals. The right vendor knows how to use its AI-supported solutions to effectively counter and stay ahead of threat actors who would misuse AI technology.

Some of the features security professionals should insist on from their cybersecurity vendor are:

Malicious URL detection.
Defense against business email compromise.
Outbound email and sensitive data security.
Stopping malicious emails disguised as legitimate messages from credible sources.
Categorizing and triaging suspicious emails and websites.
Identifying "not safe for work" images.
QR code detection.
Malware and zero-day protection.

The Bottom Line

As AI continues to increase in practical and effective use in cybersecurity tools, unfortunately, the hype surrounding it will also increase. Security professionals need to learn the best ways to drown out the noise and find the real solutions that work best for their organization. Mimecast can help; learn more about The Promise and Truth of the AI Security Revolution and be sure to visit our Resources page for more information.

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format