Renato Mirabili Junior, Information Security Consultant at Protiviti, asks if cybersecurity is a help or hindrance to cybersecurity?
One of the most discussed topics today is AI, also being one of the most studied areas due to a peculiar characteristic: allowing tasks – once exclusive to humans – to be performed by machines through algorithms.
In Brazil, for example, AI is the main learning subject for 45% of Brazilians, according to the Workmonitor survey by Randstad, a recruitment and human resources company. The national average is above the global average and positions Brazil as a technology enthusiast country.
We can say that among the main activities of this technology are learning, reasoning, understanding (and generating) natural language, computer vision, voice and image recognition, decision making and planning, robotics, art and creativity, process automation, scientific research and resolution of complex problems.
Currently, AI is being applied by governments and private organizations of all sizes. Proof of this is a recent survey released by Microsoft and Edelman Communications revealing that 74% of micro, small and medium-sized companies in Brazil use AI. Furthermore, its use is applied in various areas such as healthcare, education, finance and entertainment. But it is important to mention that as these applications grow, the need for more effective cybersecurity also arises.
According to a report by Netscout, Brazil is the main target of cyberattacks in Latin America, with almost 42% of cases in the region. And it’s not only large organizations that are at the mercy of these cybercriminals. Small and medium-sized enterprises, due to low investment in security and infrastructure, and the end-user, due to the rise of the digital economy in the country, have become quite attractive victims.
Considering this aspect of ensuring all information, which is cybersecurity, should we assess AI as an ally or an enemy? Considering that AI cannot (and should not) replace humans, its role tends to be crucial in the fight against cyberattacks, automatically detecting threats, anomalies and even security automations faster.
Regarding the possibility of AI being used in cyberattacks, we can already consider this as a real threat, as cybercriminals, acquire technical knowledge, they also use AI to create vulnerabilities and increasingly powerful threats. Unlike traditional threats, AI-based attacks are potentiated by the ability to learn and adapt autonomously, enabling faster, more destructive and mass virtual crimes.
According to data from CrowdStrike, the average time of invasion, known as ‘breakout time’, is already at 62 minutes. In this case, we can say that a silent war is taking place, and cyberspace becomes a major battlefield.
Given this scenario in which AI assumes unprecedented power – for good and for bad, it is of utmost importance that there is collaborative work among cybersecurity professionals, business and risk management so that organizations are prepared and updated to deal with new attacks and opportunities that AI can provide. Moreover, it is necessary for there to be mutual collaboration between governments, organizations and society in general to create laws and compliance standards with the aim of ensuring that AI is used in a safe, integral, ethical and beneficial manner to all.