Phil Calvin, Chief Product Officer at Delinea, acknowledges the influential role AI can play in supporting cybersecurity measures but underscores it should be considered only after foundational priorities are firmly in place.
AI continues to dominate headlines but there’s growing concern about companies adopting ‘AI for AI’s sake’ without clear strategic value. This is especially crucial in the cybersecurity sector, where both investors and customers are eager to leverage AI. However, all parties must carefully consider what tools and practices truly enhance their security posture to not fall into the trap of throwing money at a problem that they’re not yet sure how to fix.
According to Deloitte, 69% of enterprises believe AI is necessary for cybersecurity due to an increasing number of threats that cybersecurity analysts are unable to handle.
Essentially, AI is a security enhancer. The integration of AI into security practices is considered a pivotal move, expected to bolster the detection, blocking and remediation of cyberthreats. AI’s role is viewed as a force multiplier, potentially tipping the scales in favour of security teams over attackers, for a security advantage. It is not a ‘cure-all’ against all cyberthreats. Technology must be used where it makes the most sense for data security not merely for the sake of jumping on the AI bandwagon.
Bigger budgets for better security?
The global market for AI in cybersecurity is predicted to grow at a CAGR of 19.43% between 2023 and 2032 to US$102.78 billion – a market worth just US$17.4 billion in 2022. Meanwhile, the mean annual increase in IT security budgets is reported to have reached a record high of 5.7%.
However, as we have witnessed from the increasing instances of ransomware attacks, having more money doesn’t mean better security. Security comes down to whether you spend that money wisely on the right cybersecurity strategy. Ransomware prevention in today’s cybersecurity landscape goes beyond simply allocating more budget; it hinges on cultivating a comprehensive and strategic defence approach, and that starts at the top.
Senior IT leaders must prioritise investing in appropriate areas for their particular organisation. Understanding which IT resources are involved in the various critical processes, for example, which have sensitive information and therefore require the most robust protection. Core solutions for cybersecurity are Identity Access Management (IAM), endpoint security, data security and network security. IAM specifically, is estimated to be valued at US$43.1 billion by 2029. This further illustrates the importance of regulating access to company resources by securing digital identities for both humans and machines.
Filling the gap
Global cybersecurity job vacancies grew by 350%, from one million openings in 2013 to 3.5 million in 2021. According to the 2024 Cyberthreat Defence Report, 85.8% of organisations are experiencing a shortfall of skilled IT security professionals in at least one role.
The growing skills gap is making it increasingly difficult to find qualified talent. It’s crucial to keep your top employees motivated by automating repetitive and time-consuming tasks to prevent burnout.
Additionally, providing your IT and InfoSecurity teams with exposure to a wide range of cybersecurity techniques, ensuring they are ready to take on new roles as needed, is key to future-proofing your business. Investing in your workforce is one of the most effective ways to enhance your business’s ability to respond to cyberattacks and improve overall cybersecurity readiness.
Building on Zero Trust
Zero Trust leverages powerful identity services to secure each user’s access to apps and infrastructure. As you advance from basic to more sophisticated cybersecurity measures, it’s crucial to implement an in-depth defence strategy by layering your defences. This approach ensures that if one security measure fails, another is in place to counter the attack. This becomes increasingly important as your organisation grows and its operations become more diverse and complex.
For instance, you might deploy one set of security controls for initial access, another to verify identities (like Multi-Factor Authentication), another to prevent privilege escalation and yet another to monitor all activities as a precaution. By incorporating a range of preventive, detective and mitigating security controls, you significantly improve your chances of intercepting a threat at some point along the attack chain before any substantial damage occurs.
Limiting privileged access through Privileged Access Management (PAM) controls allows you to set granular permissions for users and machines, so they can access only the resources they need to do their jobs when they need to. Instead of broad, standing privileges, users are given limited access and then rely on just-in-time, just-enough privilege elevation for limited use.
AI in cyberattacks
It’s safe to assume that cybercriminals are always exploiting new and innovative technologies to thwart businesses’ defence systems, and AI is no different. Almost all (97%) of IT professionals believe their security teams will benefit from AI, with more than half (56%) expecting those benefits to come from enhanced detection and blocking of cyberthreats. However, there is also a strong awareness that malicious actors will leverage AI to bypass security controls and exploit system vulnerabilities.
The growing use of AI in cyberattacks requires businesses to adopt additional protective measures, such as strong authentication, MFA and Intelligent Authorisation. These tools offer significant layers of defence to protect identities and credentials from AI-driven threats. Intelligent Authorisation is crucial in managing the connection between identity and data security, ensuring that only the right individuals have access to sensitive information at the appropriate times.
While AI will undoubtedly improve cybersecurity by enhancing automation for routine security tasks which improves threat detection and response times and reduces human errors and bias – it isn’t the quick fix for cybersecurity tactics. Strategically identifying your business needs first by undertaking an inventory of critical systems, allocating budget and hiring and supporting the right people is critical – ahead of employing the right AI tools. Only then will businesses be in a position to truly realise the benefits of AI for cybersecurity and Business Continuity.