Cyber Security in the Age of Artificial Intelligence

Judgement Day – where the AI, Skynet becomes Self-Aware according to the latest Hollywood Terminator lore was said to take place in the “Early 2020’s”. Now upon seeing the coming end of 2025, I for one am relieved that Hollywood’s Prophecy of an AI hostile enslavement of the Human Race has not happened (Yet).

For now, we can still enjoy our morning coffee runs without being pursued by autonomous killer robots with computational capabilities many times greater than our own species, proficient in deducing every conceivable outcome and odds for every one of our steps and actions while on the coffee run.

So where does AI stand in the real world today and what form has it taken, I ask?

Despite historical depictions of AI’s beginnings going way back to the 1950s, coming of age as a young whippersnapper finishing High-School in the late 1990s, I remember hearing of IBMs Big Blue defeating the world’s top chess champion for the 1st time after years of failed attempts. I thought “Wow…have we arrived at the point where a machine can really surpass humans in thought and strategy?“ The reality of IBMs Big Blue’s win to me, marked the coming of the age for AI. I asked myself what opportunities and dangers this presents, and my question was rapidly followed by…

• Is this thing safe to use…how can we tell it’s safe?
• Are the things that are connected to us, such as our digital information, our banking and electronic records safe, can we really trust it?…how can we be sure it’s safe?
• With much of our information being handled by software code fragments, programmes and algorithms used by semi-automated processes, how can we put so much faith in these machines, running on either Cobol, Fortran, C/C++ or God forbid VB.

The Promise of AI

Today we hear a lot about AI from all technology vendors. It seems every vendor has some sort of AI plugin or capability. We hear a lot of upsides such as

• Rapid increase in productivity. Intelligent machines will address the limitation of human fatigue and need for rest, intelligent machines can work round the clock.
• Generative AI can help produce content. Written or graphical material with higher quality and at scale, cutting down human effort of hours into minutes.
• High efficiency, automation and safety, as AI can watch, monitor and react to real world situations as seen in driverless cars now being trialed and used in many parts of the world.
• AI will help us solve many of the world’s complex problems, able to run hundreds of millions of simulations and calculations and being able to be trained and learn from existing datasets and learning models to provide more accurate results and inputs.

Along with the seemingly immense upside benefits, it’s important to remember that also the ‘bad guys’ look to use AI help them become more proficient at breaching your environment and stealing your data.

How Do Threat Actors Leverage AI

Hacker groups are for instance taking advantage of AI tools in the following ways:

• Generating Advanced Phishing and Social Engineering Attacks:
  Correcting on the errors and inefficiencies of past phishing emails, they now have flawless English language and grammar. Embedded with highly convincing dialogueue along with hard to distinguish deepfakes, whether real or computer generated. All this is making it harder to tell if email is a Phishing attempt or the real deal.
• Easy Malware creation:
  A computer science degree is no longer needing to write malware code. There are plenty of AI tools that can not only provide the code but also test your amendments for how effective your malware code is.
• Automating Reconnaissance, intelligence gathering and coordinating Attacks:
  AI streamlines processes like scanning for vulnerabilities, automating exploit attempts, or orchestrating large-scale attacks such as distributed denial-of-service (DDoS), reducing the time and skill needed.
• Data Discovery:
  Threat actors are, once able to breach inside the walls of a network using a compromised account, able to use AI’s efficient data gathering capability to find information of value. No longer having to trawl through the vast sea of files and folders, the perpetrator use the mighty strengths of AI, prompting commands to fetch the data they are searching for, making data exfiltration easier, quicker and more effective.

And, as society reaps the enormous benefits of AI, so do the ‘bad guys’, looking to reap the benefits to help them become more successful at stealing your data and/or corrupting and damageing infrastructure.

The Future of Cyber Security in the Age of AI

So what does the future of Cyber Security look like in the age of AI? (Specifically, from an IT defence against Threat Attackers point of view).

In my opinion we will see a back-and-forth arm wrestle between newly developed capabilities to help protect our data and infrastructure using the latest advancements and technologies, versus, the threat actors finding ways to exploit new advancements and technologies to better help their illegal aims.

As new exploits and offensive methods are found or invented, so will patches, remedies, new defensive tools and methods be developed in equal response. “As it has always been the struggle between Good and Evil”, I mean Tech defenders and Malicious attackers.

Some advancement areas in development now that will continue to mature are

• Autonomous Threat Modelling AI for Threat Detection and Response:
  Security based AI systems are advancing towards full autonomy, where they can independently analyse vast datasets, detect anomalies, and respond to threats in real-time using pattern recognition and risk-based decision engines.
• Proactive Risk Assessment and Predictive Analytics:
  Future AI will integrate predictive models to forecast vulnerabilities and risks using behavioural data, logs, and network flows. This includes tools that prioritise patching based on real-world impact, map data flows for sensitive information and identify deviations in user behaviour to prevent insider threats.
• AI Unification of Security Tooling:
  AI will integrate and unify disparate tools (e.g., SIEM, EDR, XDR) into cohesive workflows, automating processes like threat hunting and response to handle massive data volumes efficiently. Language models (LLMs) will automate security operations centres (SOCs).