Opinion article: The limitations and role of AI in cybersecurity

Opinion article: The limitations and role of AI in cybersecurity

Artificial intelligence has sparked a wave of excitement within the cybersecurity industry and promises to revolutionize the way we approach cyber crises, breaches and ransomware attacks.

However, to understand its future possibilities, we must also have a realistic understanding of AI’s capabilities and limitations and shed more light on the challenges hindering its immediate transformative impact on cybersecurity.

We need to explore the limitations of AI to address cybersecurity challenges while highlighting the role of technology in empowering resilience and data-driven security practices.

One of the main limitations of AI in cybersecurity lies in the precision of its production. While AI systems, such as pre-trained generative transformers like ChatGPT, can generate text that aligns with current trends on the Internet, their responses are not always accurate or reliable.

AI systems excel at producing answers that sound plausible, but often struggle to provide accurate and reliable solutions. Relying solely on unfiltered AI results can be dangerous, considering the abundance of misinformation on the Internet that constitutes the training material for these AIs.

Recovering from a cyberattack often involves a complex series of actions across multiple systems, as IT teams undertake various tasks to restore security and mitigate the damage caused. Entrusting the recovery process to an artificial intelligence system would require immense confidence in its reliability.

However, the current state of AI technology is not robust enough to handle the multitude of actions necessary for effective recovery from cyber attacks. Directly connecting general-purpose AI systems to critical cybersecurity operations is a significant challenge that requires substantial development and testing.

It is also important to distinguish between general knowledge and general intelligence when considering the capabilities of AI systems. While AI systems like ChatGPT excel at providing general knowledge and generating text, they lack general intelligence. These systems can extrapolate responses based on previously encountered information, but they lack the problem-solving capabilities associated with true general intelligence.

Additionally, while interacting with AI systems via text may seem effective for humans, it doesn’t align with how we need to interact with most technology products. Consequently, current generative AI systems have limited utility in solving and automating sophisticated IT and security problems.

It is important to emphasize that AI should be seen as a step in the evolution security, rather than a complete revolution. It plays a role in improving security practices, but should not completely replace human participation and decision making.

The dark side of AI also means that organizations will need to counter AI-powered cyberattacks. To combat evolving cyber threats, organizations must equip themselves with tools that enable them to collect and analyze data from both compromised and uncompromised endpoints. This data is vital for security teams to gain insights, detect anomalies, and develop proactive strategies, whether they use AI or not. They can do this by establishing universal access to peripheral machines, such as employee devices, where security incidents occur. Resilient connections to these edge machines are crucial to collecting high-quality data, even during an attack.

By providing resilient connectivity, we give organizations the tools they need to remain resilient in the face of cyber threats. By enabling information collection in a central location, IT teams have the data they need to learn and improve their security posture. With our focus on resilient connectivity, we enable organizations to effectively collect and learn from endpoint data.

While AI holds great promise for transforming the way IT and security teams handle cyber crises, breaches, and ransomware attacks, its current limitations prevent its immediate widespread adoption. The accuracy challenges and complexity of recovery actions require further advancements in AI technology.

However, organizations can leverage AI in their cybersecurity strategies by focusing on resilient connectivity and data-driven security practices.

As AI technology continues to evolve, we are committed to providing resilient tools and providing customers with the data needed in what continues to be a rapidly changing cybersecurity landscape. It is critical that organizations understand that AI is not a complete solution, but rather a valuable tool that can improve security practices when used in conjunction with human involvement and decision-making.

No doubt, as the cybersecurity landscape evolves, AI technology will continue to advance and address its current limitations. Until then, however, organizations should approach AI with caution, ensuring they rely on verified and accurate information while using its capabilities to augment their security strategies.

While AI has immense potential to revolutionize cybersecurity, it is important to recognize its limitations. Accuracy challenges, the complexity of retrieval actions, and the distinction between general knowledge and general intelligence hinder its immediate widespread adoption. However, organizations can leverage AI by focusing on resilient connectivity and data-driven security practices.

Nicko van Someren is CTO of Absolute Software

Leave a Reply

Your email address will not be published. Required fields are marked *