By John Licata, Chief Innovation Foresight Strategist, SAP
While conventional cybersecurity tactics like virus protection software meant to stave off online threats are of utmost importance, there is a limit to their effectiveness. In a world grappling with the rapid advancements of Artificial Intelligence (AI), security methods of old to protect software platforms of tomorrow no longer suffice. So how can businesses prepare for the surge in AI adoption and better safeguard systems from cyber threats?
Cybersecurity best practices and trainings can certainly demonstrate expertise and raise awareness around a variety of threats but there is an existing skills gap that is worsening with the rising popularity and reliance on AI.
“The intersection of AI and cybersecurity is complex,” said Roland Costea, Chief Information Security Officer (CISO) at SAP. “It’s a new frontier, constantly evolving and often misunderstood. But one thing is certain: AI is here to stay, and its role in cybersecurity is only going to increase.”
Emotions in motion
While upskilling helps, it masks an underlying issue: Anxiety.
While 90% of employees say their organization is taking advantage of AI in some shape or form, 71% of people polled by EY said they are struggling with anxiety regarding AI. According to the study, greater exposure to AI has increased, rather than lessened, anxieties, with about half (48%) more concerned about AI than they were a year ago.
This emotional AI imbalance is concerning considering the critical role employees play to safeguard the workplace and defend against AI-driven attacks. Asking developers to play psychologist requires new approaches to training.
The Institute of Labor Economics found that most technology adopters respond to workforce trends by hiring more specialized workers. However, this time may be different considering how AI is revolutionizing cybersecurity and crunching structured and unstructured data in ways humans could never do alone.
Thus, security professionals will need to gain more expertise in securing cloud environments in the traditional sense while developing soft skills to understand certain human behaviors and “hallucinations” in AI results.
“In the context of AI and cybersecurity, hallucinations refer to instances where artificial intelligence systems may produce unexpected or incorrect results, potentially due to biases in the training data or complex interactions within the algorithms,” said Costea. “Recognizing and addressing these AI hallucinations is crucial and a new skillset for cybersecurity professionals.”
Threats on the rise
Complicating matters is the fact that cyberthreats will become more sophisticated and frequent thanks to AI. According to EY, known number of cyber-attacks have increased by 75% over the past 5 years and ransomware costs are forecast to reach $265 billion by 2031 (up from $20 billion in 2021).
Cyber attackers can manipulate inputs to AI models and infect them with malicious code, causing unnecessary computations which ultimately drive up operational costs and hurt reputational value Since it can lead to system outages and downtime, data breaches, loss in trust by customers, an increase in customer churn and a loss of new client interest.
It can also target highly coveted intellectual property. If the attack is aimed at an organization that is part of the supply chain, it very well can delay and disrupt the flow of goods. Additionally, security breaches could lead to legal and regulatory damages as create an immediate focus on new trainings needed to implement additional security measures which can result in a decline in employee productivity.
Collectively, there is a lot to consider since cyber threats continue to evolve at amazing speed. A holistic cybersecurity strategy, and the roles humans play in it in an age of AI, must begin with a stronger security culture laser focused on best practices, transparency, compliance by design, and creating a zero-trust security model.
Without the proper investment in the human side of cybersecurity, there is a real risk that your organization’s reputation, trust score, and financial losses will only deteriorate.
Stay tuned for part two, focusing on specific ways businesses can stay ahead of cyberthreats and technologies.
Read the full article here