IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

How can artificial intelligence help in the fight to remain secure?

It can play Go and underpins the future of driverless cars, but AI also helps bolster your cyber defences

A robotic hand holding a lock

Artificial intelligence (AI) has gone from being science fiction to an increasingly common part of our lives. TV streaming services use AI and machine learning (ML) to make recommendations of what you might like to watch next, for example, while other AI programmes can carry out rapid trading on the stock market without human intervention.

The information security sector hasn’t been left untouched by this trend, either. Increasingly, an AI element in cyber security technology is seen less as a nice-to-have and more as an essential part of the package.

“AI [has become] an expected feature within cyber security products and services,” says Jeff Pollard, Vice President & Principal Analyst at Forrester. “It's now not a distinguishing characteristic or, you know, something that's outside of the norm, it's fully expected to be in there.”

It’s not just in defensive software that AI is playing a role, either. Microsoft has developed an AI-powered tool that can help developers spot bugs in their code with a claimed accuracy rate of 99%. In theory, this could eliminate a large portion of the software security flaws a malicious actor could exploit at the point of their creation.

An unsleeping sentinel

For those on the front lines of cyber defenses, AI is fast becoming a game changer.

Craig York, CTO at Milton Keynes University Hospitals NHS Trust, has found that AI is a vital tool in his cybersecurity arsenal. He cites the 2017 WannaCry crisis as a turning point for the IT community when it comes to security.

“WannaCry made security a board-level discussion,” York tells IT Pro.

It was at around this time that he was introduced to Darktrace, a company specialising in AI-enabled security software, by a colleague at West Suffolk NHS Foundation Trust, which was already a customer.

Related Resource

Humility in AI: Building trustworthy and ethical AI systems

How humble AI can help safeguard your business

Download now

“Humans can only do so much,” explains York. “We have three people in our cyber security team and while they’re very capable and very diligent, they're human beings; they take breaks, they have a cup of tea. They need lunch, and they go home at the end of the working day.

“Having the latest and greatest patches doesn't necessarily defend against everything that's out there at the moment. And, if anything, some of our cybersecurity attacks are coming from other parts of the world that are doing business, effectively, when we aren't at the hospital.”

He says that it’s in this area of cyber defence that AI comes into its own.

“We need security technologies that are going to provide a safer hospital. 24 hours a day. 365 days a year, at weekends and bank holidays. The AI technology that we use from Darktrace provides some level of that – it never sleeps, so if the AI thinks that something is happening on the network that shouldn't. It can take action straightaway.”

While AI is starting to inhabit a critical role in cyber security, particularly as IT departments and organisations as a whole adapt to the hyper-accelerated digital transformation brought about by the COVID-19 pandemic, it pays for IT leaders to think carefully about what problems they need to solve, rather than plumbing for anything labelled AI.

“The problem most cyber security vendors have is that it is just that it's a buzzword, they can't actually explain what they're doing with AI – or machine learning for that matter,” cautions Pollard.

He explains that while “there are definitely use cases for AI within cyber security”, it’s not something that can – or should – be applied to everything. 

“The most productive and proven use cases for AI in cyber security are really on the detection side,” he says. “So being able to help identify, you know, malware-associated clustering of activity and behaviour. That’s really an area where it landed and it made a lot of sense.

“What we haven't seen yet is AI expanded beyond that to more differentiated use cases, or use cases that are not just based on identifying bad things.”

Turning the tables

It’s often argued, especially by those in the tech industry, that technology is neutral. Being passive and unable to act of its own accord, it’s how it is used that is good or bad, rather than the tool itself. In this, AI is no exception.

While it’s become a key component of organisations’ cyber defence strategy, hackers and other malicious actors are also starting to use AI to craft better attacks. One example is pulling together a convincing spear-phishing email, as it’s able to research more thoroughly and more rapidly than humans. Dr Roman Yampolskiy, an associate professor at the University of Louisville, Kentucky, in the department of Computer Engineering and Computer Science and director of the university’s Cybersecurity Laboratory, has claimed the quality of such emails would be so high that “even cybersecurity experts will fall for them”.

“AI is dual use technology used by both attackers and defenders,” he tells IT Pro. “In recent years AI has become capable of finding novel exploits.”

And while others point to streamlining operations in security departments, Yampolskiy sees another long term possibility: “Like in all other fields AI will eventually fully automate all aspects of the job. Given that both attackers and defenders use AI, it will become an arms race between their AIs.”

For now, though, it’s fair to say that while organisations should be realistic in their expectations of what AI can do, incorporating it into your cyber defences is quickly becoming best practice.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download


Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022
What is phishing?

What is phishing?

29 Apr 2022

Most Popular

Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
Costa Rica declares state of emergency following Conti ransomware attack

Costa Rica declares state of emergency following Conti ransomware attack

10 May 2022
16 ways to speed up your laptop

16 ways to speed up your laptop

13 May 2022