How machine learning and new AI technologies could change the cybersecurity landscape
This story originally appeared on Drata and was produced and distributed in partnership with Stacker Studio.
How machine learning and new AI technologies could change the cybersecurity landscape
The world has never been more online. From work meetings, emails, and texts to shopping, paying bills, and banking—the possibilities are endless. Technological advances save people time and give companies new tools for growth.
But that connectedness comes with a cost. The internet has also never been more rife with criminals looking for vulnerabilities to exploit, hoping to hold companies hostage with ransomware, executing crafty phishing and social engineering attacks, hacking into proprietary information, or capturing private data such as Social Security numbers and addresses.
Does artificial intelligence or machine learning make it easier or harder for companies to guard against such attacks? Can other improvements provide additional defenses against cyberattacks?
The pros and cons of some of the advances have recently burst into the news. Geoffrey Hinton, the "Godfather of AI," recently left Google to warn of the dangers of the very technology he helped develop. He worries that generative artificial intelligence—which can produce text, images, video, and audio—will be used for misinformation and someday even eclipse humans' creativity. Others say those fears are hypothetical.
Drata compiled a list of five technological innovations changing how firms monitor and protect sensitive data essential to their digital operations.
Artificial intelligence
Artificial intelligence not only allows a computer to analyze large amounts of data quickly—a game changer as it speeds up response times for a company's security operations—but it becomes more knowledgeable as it gathers more information.
These systems, which include machine learning, natural language processing, and speech recognition, can sort through millions of research papers, news stories, and other data. Industries such as health care, finance, transportation, entertainment, and real estate are all benefitting from the patterns these systems identify.
When their efforts are focused on cybersecurity, they can identify vulnerabilities and risks from hacking, phishing, and other attacks. But they can also spot potential new cyberdefense opportunities. And these systems can be taught to correct their own actions.
Machine learning
Machine learning, a subset of AI that has often been used interchangeably with it, actually refers to how a computer can improve its performance by interacting with data. The computer learns in the sense that it can change an algorithm as it receives more data. Machine learning can help more accurately detect possible attacks and prioritize which are the most likely and potentially dangerous.
However, as Georgetown University's "Machine Learning and Cybersecurity" report notes, often these technologies are based on older long-standing methods, not new approaches, and draw attacks themselves. The report predicts machine learning is more likely to offer incremental improvements rather than fundamental new approaches—unless there are new breakthroughs in machine learning capabilities.
Chatbot technology
Chatbot technology is making tremendous advances. ChatGPT is an AI chatbot developed by OpenAI, co-founded by tech billionaire Elon Musk. ChatGPT can answer follow-up questions, admit mistakes, challenge incorrect premises, and reject inappropriate requests, according to OpenAI. Its name comes from the Generative Pre-trained Transformer language model.
More recently, Slack, a messaging app for business, announced plans to offer a chatbot technology called Slack GPT. It will summarize messages missed while you were out of the office, help with writing, take notes on calls, and more.
ChatGPT's ability to write text and create code makes it valuable for nefarious uses. The system can write convincing phishing emails and ransomware code, jumpstart the effort required to build infrastructure and create applications to attack targets, impersonate people, or generate emails that might trick someone at a business into sharing confidential data. At the same time, it may be able to identify security threats.
Virtual reality
Virtual reality is a three-dimensional image created by a computer. Because it allows you to immerse yourself, it is particularly effective in cybersecurity and for various training exercises—in medicine and the military, for example. A realistic scenario can be created to simulate a cyberattack.
But virtual reality also poses risks. It may be collecting such data as retina scans, fingerprints, facial dimensions, and voice characteristics that could ease impersonation in the metaverse.
Cloud computing
Cloud computing allows access on demand and through the internet to applications, servers, networking capabilities, and more. Often, the cloud provider is responsible for the security of the cloud infrastructure, while the customer is expected to protect data within the cloud. As a cloud user, you could be vulnerable to data breaches, cyberattacks, malware infections, and other attacks that exploit the layer you are responsible to secure on top of the cloud provider.
Data reporting by Dom DiFurio. Story editing by Jeff Inglis. Copy editing by Paris Close. Photo selection by Abigail Renaud.