![European American Chamber of Commerce New York [EACCNY] | Your Partner for Transatlantic Business Resources](https://eaccny.com/wp-content/uploads/2020/06/eaccny-logo.png){kind=logo}
Key insights:
• As artificial intelligence (AI) continues to expand and be used in more organizations and more applications, remember the associated risks and need for guardrails.
• Information technology departments must stay one step ahead of malicious actors. Develop regulations and governance to verify the security of AI models.
• AI can be used to help effectively monitor cybersecurity but it’s important to verify the system has controls to protect against potential compromises. Consider system development lifecycle, change management, segregation of duties, and logical security when implementing AI monitoring systems.
Artificial intelligence (AI) has significantly evolved, transitioning from simple, single-purpose tools to complex systems capable of analyzing vast amounts of data.
As AI continues to expand and be used in more applications, remember the associated risks and need for guardrails.
Like any technology, using AI comes with cybersecurity risks. Learn what your organization should look out for — and how to increase protection — when it comes to AI.
The impact of AI agents on cybersecurity
AI and cybersecurity both involve autonomous agents, which are software programs or systems that can perform tasks without human intervention. While AI is a powerful tool, remember agents are still dependent on humans setting the parameters and creating the correct action. AI agents can be given a task such as researching and creating a paper — and with the right tools — it can find sources, write the report, and synthesize information.
Some technology professionals believe AI is an existential risk to humanity while others think those fears are unfounded with no evidence to back them up. Whatever you personally believe, remember AI is still evolving and we must exercise caution and thought when using agents.
Balancing cybersecurity and human error
Cybersecurity professionals are warning of a conundrum with AI, as it allows criminals to act quicker and smarter. With the increased use of AI models, realize some are not coded by the most benevolent people and can be used for unsavory activities.
At the same time, most breaches are still caused by human error, raising the question of how we keep up with technology as human beings. AI-manipulated media known as deepfakes have become more advanced, allowing the imitation of CEO’s voices, which is an issue when it comes to popular gift card phishing scams.
Be extra vigilant and use multiple methods of validation with emails.
How AI can help reduce cybersecurity threats
As businesses deepen their reliance on AI, information technology departments must stay one step ahead of malicious actors. AI is increasingly being used to create malware and ransomware, making it more difficult to prevent these attacks. Businesses need to be proactive in using AI to detect and respond to threats in real-time.
Implement basic security measures such as firewall testing, penetration testing, and written information security policies. In addition, security tools using AI to scan codes for vulnerabilities can help detect and prevent potential attacks. By taking these steps, your organization can be better equipped to respond to malicious actors and the ever-evolving threat landscape.
How IT might incorporate AI in cybersecurity
AI can analyze huge amounts of data much faster than humans, which is invaluable for monitoring and detecting malicious activity. AI can also be taught to ignore guardrails, which can lead to data poisoning, which is when false data is purposely added to corrupt machine learning algorithms. IT professionals should educate themselves on the risks and benefits of AI and consider including it in their acceptable use policies.
Incorporate AI-related discussions in your organization’s employee manuals. Develop regulations and governance to verify the security of AI models. AI use policies should outline tool usage, data restrictions, and oversight responsibilities. Also, if you use third-party vendors, ask how they use AI, what data trains their models, and what safeguards are in place to protect your organization’s information.
AI can be used to help effectively monitor cybersecurity but it’s important to verify the system has controls to protect against potential compromises. Consider system development lifecycle, change management, segregation of duties, and logical security when implementing AI monitoring systems.
How CLA can help reduce cybersecurity risks from AI
Artificial intelligence can bring many benefits to organizations, but cyber criminals have access to the same technology. CLA’s cybersecurity team can evaluate your IT operations and environment and give you a critical analysis of your controls to help maintain a secure and resilient technology infrastructure.
See original post, with video explanations, here.
Compliments of CLA (CliftonLarsonAllen) – a member of the EACCNY