How are advancements in AI technology changing the landscape of cybersecurity threats for companies?

Cybersecurity activities such as threat detection, vulnerability management, and incident response generate a tremendous amount of data that must be analyzed to differentiate between active threats and false alerts or low-priority actions. Advancements in AI are helping to analyze this data in real-time, identifying patterns and anomalies that might indicate an active security threat. This allows for quicker detection and response to potential breaches, reducing the time it takes to mitigate risks. However, AI also enables attackers to develop more advanced threats, creating a continuous arms race in cybersecurity.

How are AI-driven phishing attacks evolving, and what makes them more challenging to detect compared to traditional phishing attempts?

Threat actors are creating AI-driven phishing attacks that are more focused and harder to detect.  In the past, poor grammar and misspelling used to allow easy detection of a phishing email.  Use of AI allows attackers to gather intelligence on their targets and create perfect messages that are more difficult to detect.  In addition, AI generated deep fake voice and video calls are breaking the traditional safeguard of calling the requestor to verify the authenticity of requested actions such as money transfer.

Where are companies likely to find AI-enabled cybersecurity capabilities today?

Many modern endpoint detection and response (EDR) tools integrate AI technology to help detect malicious activity on computers. These tools go beyond traditional anti-virus and malware detection, using AI behavior analytics to review how accounts or software are being used to identify suspicious activity.  For example if an account logs in at an unusual time such as the middle of the night, or on an uncommon system, this can be automatically  locked down pending review.