In 2017, a multinational logistics company, A.P. Moller-Maersk, witnessed a cyberattack that rendered all its defences useless and paralysed the company’s operation. The shipping giant became a victim of NotPetya, a potent ransomware. This attack disrupted Maersk’s logistics system and caused an estimated $300 million in damages. In the wake of this cyber attack, Maersk tightened its cybersecurity by embracing AI. The company hasn’t been a victim of cyberattacks ever since.
Although the digital era has revolutionised how people conduct their businesses and opened up new opportunities, it has also given rise to new and sophisticated cyberattacks. According to Cybersecurity Ventures, cybercrimes will cost the world $10.5 trillion by 2025, as low as $3 trillion in 2015. This shows the rapid rise of cyber attacks. However, the most disturbing part is that our existing cybersecurity systems are overwhelmed by new and more sophisticated viruses. Many people ask what the solution is. It is an AI-powered cybersecurity system.
AI-powered cybersecurity systems use machine learning (ML) and advanced analytics to predict, identify, and respond to threats. AI algorithms process huge data sets to identify patterns and predict a potential attack on a network. AI examines the historical data of cyberattacks to understand the patterns that arise during a cyberattack and then runs constant checks to identify any such pattern. This allows these AI models to provide real-time threat detection. These models continuously monitor network and user behaviour.
This capability is even more evident when the AI has some ML algorithms. Machine learning allows the identification of potential threats, enabling immediate intervention from the cybersecurity or IT teams. A study by Capgemini states that around two-thirds of all organisations believe their cyberattack detection will be much better if they incorporate AI into their detection system.
However, detection alone isn’t enough; an effective and fast response is vital to ensuring minimal damage. AI-powered systems can predict cyberattacks and automate the response, reducing the time of action and potential damage. A prime example is CrowdStrike, a global cybersecurity company that uses AI to enhance its ability to respond to cyberattacks. The company’s cybersecurity platform, Falcon, uses AI to analyse end-point data and identify malicious activities. This system had its biggest test during the 2017 WannaCry ransomware outbreak, where it safeguarded the company and its clients’ data. It quickly identified the ransomware based on activity and isolated the systems affected by it, preventing the virus from spreading and minimising the damage.
Along with CrowdStrike, many other companies use AI cybersecurity systems. In the financial sector, JPMorgan and Chase use AI cybersecurity algorithms to identify fraudulent activity and protect sensitive customer data. Their AI system has been in the limelight as it has defended numerous cyberattacks since its adoption. The system is so advanced that it can analyse millions of transactions in real time. AI-enhanced cybersecurity systems are also proving their mettle in the healthcare industry. Mayo Clinic is a good example, as it uses advanced AI cybersecurity systems to monitor its network and constantly identify any unusual activity. This has helped them to safeguard the personal data of their employees and clients.
IBM’s Watson for Cyber Security is another example. It analyses and correlates vast data sets to identify cyber threats. In a notable case, the system was able to uncover a complex phishing attack campaign for a large financial institution. Watson analysed various emails, network logs, and other source data to identify a pattern that indicated a phishing attack. Upon the discovery, the financial institution’s cyber security team was able to safeguard its networks.
It all feels like a dream come true. That being said, AI cybersecurity still has a long way to go before it is adopted by various industries. One of the most significant problems that plague every AI system is the quality and quantity of the data set. Organisations must have comprehensive data sets to feed their AI systems. Another challenge is integrating AI into existing systems. Even when these two challenges are mitigated, the need to educate the employees on how to use the system is also necessary. However, the most bone-chilling challenge is the security of the AI system itself. The dependency on the AI system means that if someday the AI system is down, the whole cybersecurity of the organisation will be at risk, which not many organisations can afford.