By John Licata, Chief Innovation Foresight Strategist, SAP
While conventional cybersecurity tactics such as anti-virus software intended to prevent online threats are of the utmost importance, there is a limit to their effectiveness. In a world struggling with rapid developments of Artificial Intelligence (AI), old security methods to protect tomorrow’s software platforms are no longer enough. So how can businesses prepare to increase AI adoption and better protect systems from cyber threats?
Cybersecurity best practices and trainings can certainly demonstrate expertise and increase awareness of a variety of threats, but there is an existing skills gap that is worsening with the growing popularity and reliance on AI.
“The intersection of artificial intelligence and cybersecurity is complex,” said Roland Costea, Chief Information Security Officer (CISO) at SAP. “It’s a new frontier, constantly evolving and often misunderstood. But one thing is certain: artificial intelligence is here to stay and its role in cyber security will only grow.”
Emotions in motion
While upgrading helps, it hides an underlying issue: stress.
While 90% of workers say their organization is leveraging AI in some shape or form, 71% of people surveyed by EY said they struggle with anxiety about AI. According to the study, greater exposure to AI has increased, rather than reduced, anxieties, with around half (48%) more worried about AI than a year ago.
This AI emotional imbalance is about considering the critical role workers play in protecting the workplace and defending against AI-driven attacks. Asking programmers to play psychologist requires new approaches to education.
The Institute of Labor Economics found that most technology adopters are responding to workforce trends by hiring more skilled workers. However, this time may be different, considering how artificial intelligence is revolutionizing cybersecurity and crunching structured and unstructured data in ways that humans could never do on their own.
Thus, security professionals will need to gain more expertise in securing cloud environments in the traditional sense, while developing soft skills to understand certain human behaviors and “hallucinations” in AI outputs.
“In the context of artificial intelligence and cybersecurity, illusions refer to cases where artificial intelligence systems may produce unexpected or incorrect results, possibly due to bias in the training data or complex interactions within the algorithms,” Costea said. “Recognizing and addressing these AI illusions is vital and a new skill set for cybersecurity professionals.”
Threats on the rise
Complicating matters is the fact that cyberthreats will become more sophisticated and frequent thanks to artificial intelligence. According to EY, the known number of cyber attacks has increased by 75% in the last 5 years and ransomware costs are predicted to reach $265 billion by 2031 (up from $20 billion in 2021).
Cyber attackers can manipulate inputs to AI models and infect them with malicious code, causing unnecessary computations that ultimately increase operational costs and damage reputational value, as they can lead to system outages and downtime, breaches data, loss of customer trust, increase in customer churn and loss of new customer interest.
It can also target highly coveted intellectual property. If the attack targets an organization that is part of the supply chain, it may well delay and disrupt the flow of goods. In addition, security breaches could lead to legal and regulatory damages as they put an immediate focus on new training required to implement additional security measures that can lead to a decrease in worker productivity.
Collectively, there is much to consider as cyber threats continue to evolve at an astonishing rate. A holistic cybersecurity strategy, and the roles people play in it in an age of artificial intelligence, must begin with a stronger security culture laser focused on best practices, transparency, compliance by design, and building a zero-trust security model.
Without proper investment in the human side of cyber security, there is a real risk that your organization’s reputation, trust score and financial losses will only worsen.
Stay tuned for part two, focusing on specific ways businesses can stay ahead of cyber threats and technologies.