Actually, it’s both. Like any coin, Artificial Intelligence (AI) has two sides. One that is ethical and fascinating, and the other quite scary…
For example, as detailed in the European Parliament’s updated article entitled Artificial Intelligence: threats and opportunities, AI can and is being used to improve health care, build safer cars, facilitate access to information, education and training, increase production output and quality, save energy, and deliver better customer service. According to the same source, the estimated increase in labour productivity related to AI by 2035 could reach as high as 37%, while AI could help reduce global greenhouse gas emissions by 2030 by 1/5 to 4%. That’s the good news.
Unfortunately, criminal minds have equal access to technology and are often quicker than others to apply it for not so noble causes. In fact, hackers and scammers have been using deepfake technologies and voice cloning in particular for years to impersonate executives and give fake and fraudulent instructions to employees within an organisation. AI-based software is making it increasingly easy to succeed in such criminal activities. Today, all it takes is a 3-second voice sample… and chances are, even less will soon be enough to create a convincing impersonation.
In a 2021 study, the Government Technology Agency of Singapore revealed that AI could create far more successful spear phishing emails than humans can. It also noted that the easily accessible ChatGPT could create sophisticated malware, while AI-powered ransomware attacks could perfectly target the most vulnerable victims. With the latest AI, hackers can make an organisation’s system overlook what would normally be a detectable threat and allow the hacker to bypass identity and access controls.
So where do we go from here? According to a US Identity Management Institute review, AI’s defining feature is speed – and that can be utilised by both the hackers as well as cybersecurity experts, most of whom agree that AI allows them to detect and respond to a breach quicker and better, and in many cases also to eliminate the underlying weakness much faster.
Impressive as it may sound, AI is neither miraculous nor without limitations. It is therefore absolutely crucial to remember that – like cybercrime – cybersecurity is a multifaceted creature. There is no single and foolproof tactic for criminals, nor is there a solution that can guarantee airtight security. AI can serve both sides, and in both cases, technology cannot completely replace the human factor. The most effective approach to security is therefore a combination of
- Data protection technology as a priority
- Clear and user-friendly data security policies
- Professional IT support with up-to-date knowledge of the latest threats
- Regular security and risk audits
- Automated processes for breach detection and response, and last but not least…
- A culture of data security awareness that is systematically reinforced and developed through regular employee education and hands-on training.
Considering the above, it is important to note that data security – with or without AI – is like physical health. It can’t be achieved with a single workout or treatment, but can be optimised through regular attention, observation, exercises, and best practices. And as in physical health, prevention is always better than cure.
So, don’t wait for the first attack to start tackling your exposure to cybercrime. Find a reliable data security partner who can explain the threats, assess your exposure, identify your vulnerabilities, and implement the most effective security strategy for your specific organisation.