DOCTOR MAFUWAFUWANE: AI is transforming digital cybersecurity

Posted in Businesslive.co.za

Author: Doctor Mafuwafuwane (Security Practice Manager: Logicalis SA)

Cyberattacks pose a serious and growing threat to businesses. Data breach incidents such as ransomware attacks undermine consumer trust, disrupt operations, raise serious compliance issues and are often costly to contain and manage.

By some estimates the costs associated with cybercrime worldwide will rise to an eye-watering $10.5-trillion by 2025 — more than seven times Google’s value.

SA businesses are especially vulnerable, with ransomware attacks exceeding the global average. According to Sophos’ “State of Ransomware in SA” report, four out of five companies experienced a ransomware attack in 2022.

The financial and operational impacts of these incidents are substantial, but so too are the reputational risks, not to mention the risk of fines and penalties. The Department of Justice & Constitutional Development was recently fined R5m for its failure to address breaches in line with the Protection of Personal Information Act. Clearly, many SA organisations urgently need more effective strategies to manage cyber risks.

Strategies that are responsive to potential vulnerabilities, fit each company’s budget, factor in the local business landscape and are nuanced enough to remain relevant as risks evolve, seem like a tall order. But it is where artificial intelligence (AI) is already playing a transformative role, making best-in-class cyber security available to smaller businesses while helping large firms more effectively and proactively address complex vulnerabilities across networks in diverse markets.

There is no substitute for experienced security professionals who can apply their minds to ethical decision-making that considers the company’s core values and broader social priorities, and who are able to devise creative solutions to complex new challenges. IT teams may be great at what they do, but as human beings they can only process so much data in a given period. AI gives tech security teams the edge they need to take on increasingly sophisticated hackers and online scammers.

Malicious hackers

AI technology, which is evolving at breakneck speed, is able to swiftly identify vulnerabilities at scale. It is able to automatically trigger proactive measures to mitigate and prevent cyberattacks before they take place. AI can also enhance the insights of even the most seasoned professionals. For instance, when deployed on an organisation’s system AI can learn from the company’s data — and, more broadly, from industry data. This allows for powerful analytical and predictive insights that enable professionals to make more informed, strategic decisions.

By combining human insight and machine learning, companies can develop more robust, integrated strategies that rapidly adapt to identify and address emerging threats. With malicious hackers getting more sophisticated, enhanced threat intelligence has to be a key part of any serious IT strategy. The most advanced AI systems learn about an organisation’s network, and can even learn to work proactively to contain threats without the need for human intervention.

While some companies have truly embraced AI technology, others have been less agile. This raises the question of whether more SA managers are ready to take the leap and empower AI systems to make critical decisions. The commercial and reputational case for AI is well made, but for some leaders demonstrating trust in enabling technology is likely to require a mental paradigm shift.

AI security isn’t just faster and more efficient, it can also produce a richer and more enjoyable user experience and make navigating daily security simpler and easier for all employees. That is important from a security perspective because many security breaches are caused by human error. One of AI’s most powerful contributions will be to make everyone more responsible users of technology.

Costly delays

Regarding the experience of using conventional antivirus software, most . Most of us will have encountered a notification on our work devices alerting us to a suspicious program or email. Depending on the company’s information policy, you are likely to have to contact the IT department, log a ticket and possibly shut down your device until the issue is resolved. Meanwhile, the IT team needs to notify all relevant users across the organisation and work to detect the source of the problem before implementing corrective action.

This is often cumbersome and annoying, but it can also result in costly delays across operations. By contrast, AI will potentially provide deeper insights, explaining precisely the nature of the security issues rather than sending you a vague error code. It can also work to automatically contain the threat, deploying protective measures across the system (on everyone else’s computer). The system can even identify where information is being carelessly handled by users across the network.

AI tools make the work of the security professionals more efficient, enable the organisation to be much more responsive (and in many instances, on the front foot) and makes the experience for end users more seamless.

Practically speaking, what should businesses do now? We are still in the early stages of AI’s potential to enhance organisations’ network security. In this rapidly changing threat environment companies cannot afford to be complacent. But nor should they rush into solutions that aren’t optimised for their processes and objectives.

AI should form part of an organisation’s broader security strategy, leveraging best practice to ensure relevant, adaptive technologies that mitigate against evolving threats. SA managers should not be afraid to embrace the AI future, but nor should they proceed without an informed strategy.