The Dual Role of AI in Cybersecurity
In the rapidly evolving world of cybersecurity, Artificial Intelligence (AI) both aids and challenges security measures. As highlighted by cybersecurity expert Benoit Desjardins during the recent HIMSS Virtual Forum on AI and Cybersecurity, there is a continuous struggle between attackers leveraging AI for malicious intent and defenders striving to protect sensitive information.
The Cybersecurity Battlefield
Desjardins, a former hacker turned expert, notes that cybersecurity professionals face an average of two breaches per day, often targeting personal health information. Once cybercriminals infiltrate a network, they can extract valuable data with alarming speed—most hackers can compromise sensitive information in less than five hours, while organizations typically take about 235 days to detect these breaches.
Common Methods of Cyber Attack
The tactics employed by cybercriminals often include malware and phishing schemes. Traditional cybersecurity approaches like network intrusion detection and signature-based detection remain prevalent. Signature-based detection, which identifies threats by matching data patterns with known signatures, is particularly popular among organizations. However, this method struggles against diverse variants of attacks.
Challenges in Traditional Cybersecurity
Desjardins points out the limitations inherent in traditional cyber defense strategies due to the extensive number of variants, the high infection rate, and the labor-intensive nature of monitoring. The overwhelming volume and frequency of attacks exacerbate these challenges, necessitating more advanced solutions.
The Power of Generative AI
Among the rising threats are generative AI models and generative adversarial networks (GANs), which can create realistic falsified content. These technologies can be exploited for social engineering, crafting convincing fake videos, voices, and messages. A notable example occurred in February 2024 when an employee from Arup Group was duped into transferring $25 million after being misled into believing she was in a video call with executives.
Defensive Capabilities of AI
On the defensive front, generative AI holds great potential. It can automate the identification of vulnerabilities, simplify data analysis, and enhance the processing of visual evidence. Discriminative cybersecurity models utilize AI across various layers, demonstrating impressive accuracy in detecting intrusions, malware, and phishing attacks.
The Future of AI in Cybersecurity
While Desjardins acknowledges AI’s significant advantages, including simplicity and speed, he cautions regarding the need for extensive datasets, the challenges of supervised learning, and inherent risks like “hallucinations.” Despite these drawbacks, the synergy between man and machine remains essential. Cybersecurity specialists will increasingly need to familiarize themselves with AI technologies to effectively sift through alerts, as AI systems operate around the clock without fatigue.
Desjardins, who serves as a professor of radiology at the University of Montreal as well as the Chief Medical Information Officer at the Center Hospitalier de l’Université de Montréal (CHUM), emphasizes that AI will not replace human expertise. Rather, those who can harness AI will have a distinct edge in the ongoing battle against cybersecurity threats.
For those interested in a deeper exploration of this topic, Desjardins’ session, “AI vs. AI – Defending Against AI-Powered Cyber Threats in Healthcare,” will soon be available in rebroadcast form through HIMSS.