The Role of AI in Cybersecurity: Current Limitations and Future Possibilities

Artificial intelligence (AI) has captured the imagination of the cybersecurity industry, offering the potential to revolutionize how security and IT teams handle cyber crises, breaches and ransomware attacks.

However, a realistic understanding of AI’s capabilities and limitations is crucial, and there are a number of challenges that hinder AI’s immediate transformative impact in cybersecurity. In this article, we explore the limitations of AI in addressing cybersecurity challenges while highlighting the role organizations play in empowering resilience and data-driven security practices.

The Inaccuracy Challenge

One of the key limitations of AI in cybersecurity lies in the accuracy of its output. Although AI systems, such as generative pre-trained transformers like ChatGPT, can generate text that aligns with the zeitgeist of the internet, their responses are not always accurate or reliable. AI systems excel at producing plausible-sounding answers, but they struggle to provide precise and reliable solutions. Relying on unfiltered AI output can be dangerous, considering that not everything found on the internet is true.

The Complexity of Recovery Actions

Recovering from a cyberattack often involves a complex series of actions across multiple systems. IT teams must undertake various tasks to restore security and mitigate the damage caused. Entrusting the entire recovery process to an AI system would require immense trust in its reliability. However, the current state of AI technology is not robust enough to handle the multitude of actions required for effective cyberattack recovery. Directly connecting general-purpose AI systems to critical operations in cybersecurity is a significant challenge that requires substantial development and testing.

General Knowledge Vs. General Intelligence

Another aspect to consider is the distinction between general knowledge and general intelligence. While AI systems like ChatGPT excel at providing general knowledge and generating text, they do not possess general intelligence. These systems can extrapolate answers based on previously encountered information, but they lack the problem-solving capabilities associated with true general intelligence. While interacting with AI systems via text may appear effective to humans, it does not align with how we traditionally interact with technology. Thus, current generative AI systems are limited in their usefulness for solving sophisticated IT and security problems.

AI as a Step in the Evolution of Security

AI should be viewed as a step in the evolution of security rather than a complete revolution. It plays a role in enhancing security practices but should not replace human involvement and decision-making entirely. Organizations will need to counter AI-driven cyberattacks by establishing universal reach to edge machines, such as employees’ devices, where security incidents occur. Resilient connections to these edge machines are crucial for collecting high-quality data, even during an attack. Absolute, with its focus on resilient connectivity, positions itself as a key player in enabling organizations to collect and learn from endpoint data effectively.

Data-Driven Security and Absolute’s Role

To combat evolving cyberthreats, organizations must be equipped with tools that allow them to collect and analyze data from compromised and uncompromised endpoints. This data is vital for security teams to gain insights, detect anomalies and develop proactive strategies.

Conclusion

While AI holds significant promise for transforming the way security and IT teams handle cyber crises, breaches and ransomware attacks, its current limitations prevent its immediate widespread adoption. Accuracy challenges and the complexity of recovery actions require further advancements in AI technology. However, organizations can leverage AI in their cybersecurity strategies by focusing on resilient connectivity and data-driven security practices.

Nicko van Someren

Nicko serves as Absolute’s Chief Technology Officer where he oversees the direction and strategic vision of Absolute’s product architecture and security roadmap. He has more than two decades of experience leading, developing and bringing to market disruptive security technologies. Prior to his role at Absolute, Nicko served as Chief Security Officer and Chief Information Officer at nanopay, Inc, a financial services technology company. He has also served as Chief Technology Officer at the Linux Foundation, Good Technology (now a part of BlackBerry) and nCipher (now a part of Entrust Datacard) as well as the Chief Security Architect at Juniper Networks. Nicko also serves as a board member and advisor for numerous startups and is a mentor for the Techstars accelerator program in Boulder, CO. He has a PhD from the University of Cambridge and fellowships from the Royal Academy of Engineering and British Computer Society.
