Is artificial intelligence a tool or a threat to cybersecurity?
On one hand, artificial intelligence can improve cybersecurity in many ways. On the other hand, it's a devastating tool in the hands of malicious hackers. What's the truth?
The Good
Artificial intelligence is going to be (and already is) a great tool to assist the almost one million cybersecurity professionals currently active. The first and most intuitive reason why AI is going to be critical in the battle against cyberattacks, is that it's going to reduce the workload of the cybersecurity workforce. IT professionals work up to 52 hours a week, but automation will assist them with many menial tasks, giving them some breathing room between one attack and the next.
Machine learning-based algorithms will also adapt to new threats faster than humans, as they can quickly spot the similarities between the new generation of malware and cyberattacks and other, more familiar threats. AI that has "learned" enough will be able, in due time, to detect and deal with the vast majority of relatively simple threats on its own, freeing up an enormous amount of time for tech employees.
Finally, AI-based analytics platforms that use structured and unstructured machine learning are more flexible and more efficient at correlating and understanding information detected by different tools at once. More than half of the cyber professionals, in fact, know very well that their tools often lack the cohesion and accuracy needed to provide them with reliable data they can trust.
The Bad
The widespread use of AI comes with its own risks to cybersecurity, as a panel of 26 British and American experts explained in the 101 page-long report "The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation."
First, it's easy to understand how the same benefits that cybersecurity experts are going to enjoy from the introduction of machine learning algorithms are valid for hackers and scammers as well. Attackers can use automation to make the process of finding new vulnerabilities they can exploit easier and quicker, for example.
But AI can "level the playing field" for attackers who can usually rely on a much smaller workforce to coordinate their attacks. By alleviating the existing trade-off between the scale and efficacy of attacks through automation, labor-intensive attacks such as spear phishing will become more efficient and frequent. However, AI can provide some benefits that are specific to attackers only, such as exploiting using speech synthesis for impersonation, for example.
More in general, AI-based bots and malware can, right now, pose a much more significant threat to the average user than to the cybersecurity experts. AI can be used to steal users' data, coordinate large botnets and easily poke through the best VPNs that a user can hope to buy. The domino effect of exploiting these vulnerabilities of common people can be truly devastating as the recent VPNFilter malware attack that hacked over 500,000 routers worldwide just taught us.
The (Not So) Ugly Truth
The bottom line is that AI is going to forever change the cybersecurity scenario. It's neither "good" nor "evil," it's just a new weapon that, once it has been introduced and established, will revolutionize the field of battle. It's the equivalent of the introduction of rifles in warfare during the Renaissance: Things are never going to be the same.
It doesn't matter much whether it's more effective for attackers or defenders now. Eventually, all of cyberwarfare will evolve around it.
Tags
Written by Claudio Buttice | Data Analyst, Contributor

Dr. Claudio Butticè, Pharm.D., is a former clinical and hospital pharmacist who worked for several public hospitals in Italy, as well as for the humanitarian NGO Emergency. He is now an accomplished book author who has written on topics such as medicine, technology, world poverty, human rights, and science for publishers such as SAGE Publishing, ABC-Clio, and Mission Bell Media. His latest books are "Universal Health Care" (2019) and "What You Need to Know about Headaches" (2022).
A data analyst and freelance journalist as well, many of his articles have been published in magazines such as Cracked, The Elephant, Digital Journal, The Ring of Fire, and Business Insider. Dr. Butticè also published pharmacology and psychology papers on several clinical journals, and works as a medical consultant and advisor for many companies across the globe.
More Q&As from our experts
- How can security be both a project and process?
- How can machine learning and AI help move companies from a perimeter approach to cybersecurity?
- Why are companies paying so much for AI professionals?
Related Terms
- Artificial Intelligence
- Cybersecurity
- Cyberattack
- Hacker
- Automation
- Machine Learning
- Algorithm
- Malicious Software (Malware)
- Spear Phishing
- Botnet
Related Articles

5 Ways Companies May Want to Consider Using AI

The Growing Cybersecurity War on the Healthcare Industry

The Truth About Cybersecurity

Biometrics: New Advances Worth Paying Attention To
Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
- Data Governance Is Everyone's Business
- Key Applications for AI in the Supply Chain
- Service Mesh for Mere Mortals - Free 100+ page eBook
- Do You Need a Head of Remote?
- Web Data Collection in 2022 - Everything you need to know
- How to Protect Microsoft 365 from NOBELIUM Hackers
- 5 Steps to Streamline Security for your Hybrid Network