ARTIFICIAL Intelligence (AI) held enormous promise for organisations battling a scourge of cyberattacks as cyberattacks have been growing in volume and sophistication over the past years, says Mimecast cybersecurity expert Brian Pinnock.
The latest data from Mimecast's State of Email Security 2022 report found that 94 percent of South African organisations were targeted by email-borne phishing attacks in the past year, and six out of every ten fell victim to a ransomware attack.
Pinnock said to protect against such attacks, companies were increasingly looking to unlock the benefits of new technologies. The market for AI tools for cybersecurity alone was expected to grow by $19-billion between 2021 and 2025. He said that locally, adoption of AI as a cyber resilience tool is also growing. Nearly a third (32 percent) of South African respondents in Mimecast's latest State of Email Security 2022 report were already using AI or machine learning - or both - in their cyber resilience strategies. Only 9 percent said they have no plans at the moment to use AI.
“AI should be an essential component of any organisation’s cybersecurity strategy. But it’s not an answer to every cybersecurity challenge - at least not yet. The same efficiency and automation gains that organisations can get from AI are available to threat actors too. AI is a double-edged sword that can aid organisations and the criminals attempting to breach their defences,” Pinnock said.
He said, used well, however, AI was a game-changer for cybersecurity. With the correct support from security teams, AI tools could be trained to help identify sophisticated phishing and social engineering attacks, and defend against the emerging threat of deepfake technology.
In recent times, AI has made significant advances in analysing video and audio to identify irregularities more quickly than humans were able to. For example, AI could help combat the rise in deepfake threats by quickly comparing a video or audio message against existing known original footage to detect whether the message was generated by combining and manipulating a number of spliced-together clips.
AI may be susceptible to subversion by attackers, a drawback of the technology that security professionals need to remain vigilant to. Since AI systems were designed to automatically 'learn' and adapt to changes in an organisation's threat landscape, attackers may employ novel tactics to manipulate the algorithm, which can undermine its ability to help protect against attack.
Mimecast said that despite AI's power and potential, it was still important that every employee within the organisation be trained to identify and avoid potential cyber risks.
The firm said nine out of every ten successful breaches involved some form of human error. More than 80 percent of respondents in the latest State of Email Security 2022 report also believed their company was at risk from inadvertent data leaks by careless or negligent employees.
“AI solutions can guide users by warning them of email addresses that could potentially be suspicious, based on factors like whether anyone in the organisation has ever engaged with the sender or if the domain is newly created. This helps employees make an informed decision on whether to act on an email,” Pinnock said.
“But because it relies on data and is not completely fool proof, regular, effective cyber awareness training is needed to empower employees with knowledge and insight into common attack types, helping them identify potential threats, avoid risky behaviour and report suspicious messages to prevent other end-users from falling victim to similar attacks.”
However, less than a third of SA companies were said to provide ongoing cyber awareness training, and only one in five provided such training once a year or less often.
Mimecast said that to ensure AI-and every other cybersecurity tool delivered on its promise to increase the organisation's cyber resilience, companies should prioritise regular and ongoing cyber awareness training.