-optimized.jpg){kind=avatar}
AI will be ‘top strategic priority’ for 2025, but what does that mean for cybersecurity? asks Kevin Curran, pictured, IEEE senior member and professor of cyber security at Ulster University.
Artificial intelligence (AI) is set to be the most critical technology in 2025, according to research by the Institute of Electrical and Electronics Engineers (IEEE) . The report, titled ‘The impact of technology in 2025 and beyond: an IEEE global study,’ indicated that enterprise leaders expect to see more sophisticated AI applications and algorithms that can optimise data, perform complex tasks and make decisions with human-like accuracy.
The research also found that, despite concerns around data privacy and the use of AI to evade cybersecurity protections, 44 percent of respondents believe that AI applications will be within real-time cybersecurity vulnerability identification and attack prevention. However, as AI revolutionises industries, what impact will this have on cybersecurity?
AI-enabled cybersecurity: what does the future hold?
AI will play a pivotal role in enterprises’ security strategies, enhancing overall defensive measures and reshaping organisational approaches to digital threats. In fact, the IEEE study revealed that 35 percent of all organisations expect to implement robotics within cybersecurity solutions in 2025.
The integration of generative artificial intelligence (GenAI) into cybersecurity defences is also becoming more widespread, with its use already evident in threat detection and response, automation of security tasks, simulation of cyberattacks and enhancement of security protocols. With its predictive capabilities and ability to personalise security measures to individual user behaviour, AI will help significantly reduce the number of false positives.
In addition, as security teams grow increasingly familiar with and more trusting of the technology, AI will prove invaluable when it comes to protecting critical national infrastructure (CNI), as well as other industries, such as healthcare and financial services. For example, GenAI can help fill in the gaps for cybersecurity professionals and determine where or how far along a potential attack is with regards to the kill chain. It can provide detailed threat intelligence by analysing real time data alongside contextual cues or information that can be used to identify the behaviour of threat actors or a compromised area of the organisation.
Weighing up the pros and the cons – AI-enabled threats
AI presents several opportunities for threat actors. For instance, AI can learn from previous attacks and adapt to security systems, suggesting more effective vectors or methods in real-time. Beyond generating highly convincing voice or video messages for fraud schemes, GenAI could be used to craft scam scripts, or even scale up phishing campaigns, by writing more effective emails with less typos or more personalised messages, making them harder to discern. In doing so, cybercriminals can launch attacks at a much faster rate, and to a wider range of targets.
For example, in 2024, a GenAI tool called WormGPT emerged that could operate without limitations or the ethical boundaries of legitimate services and was sold to cybercriminals on the dark web. Empowered by a large language model (LLM), WormGPT enabled emails to be sent out on masse with little-to-no mistakes. This rapidly expanded cyber criminals’ attack radius as they were able to lure more users to click on links within emails or download malware.
It does not end here; recent AI tools allow the creation of code, which hackers can use to create new forms of malware. Combined with fake audio, which can be created by sampling small sections of someone’s voice, threat actors can now launch convincing scam campaigns. For example, a finance officer of a European company could be tricked into transferring money by scammers calling them and using GenAI sampling to create a realistic audio of the CEO requesting a money transfer. Any tools such as these, which make hacking ecasier, is a cause for concern.
How enterprises can mitigate these threats
The first line of defence to stop these attacks, apart from the firewalls and intrusion detection systems, is to simply educate employees about the dangers of clicking on links. However, only a fraction will take this advice onboard. Generally, it takes people to make a mistake before they learn, however that can be too late sometimes.
There is a new movement where security teams send phishing emails containing fake malware to employees. When activated, these emails lead employees to a site identifying mistakes and flagging this to users. Employees also now need to be trained to recognise fake audio and video. It’s also important to note that there are currently no tools that can recognise GenAI-derived attacks as their strategy is used to mimic human behaviour. The generation of realistic, fake videos is concerning; security teams and employees need to be extra vigilant when responding to emails or sharing content.
In the future, helping teams to stay ahead of the latest threats – through regularly creating awareness of AI capabilities – will be crucial to an organisation’s cybersecurity strategies. However, with the recent boom of AI, it will be a double-edge sword, as threat actors attack methods will also evolve. Therefore, it is essential that businesses educate employees and establish a proactive or security-first mindset to ensure that the entire enterprise practices positive cybersecurity behaviours on a daily basis.
As the IEEE’s study has shown, organisations will be implementing more AI solutions within their security systems next year. Ahead of 2025, it is important that chief information security officers (CISOs), and other security personnel, review their current applications and security strategies to ensure that they are in the best position to stay ahead of the latest attack methods.
Security teams have a responsibility to encourage employees’ continuous education and provide regular feedback or awareness training for staff, especially as new threats emerge. That said, staff should also be far more active in security initiatives, as well as make a conscious effort in reporting suspicious activities, contributing to discussions, or even offering suggestions for improving security protocols. By fostering this culture, we can transform every employee into a vital line of defense against emerging threats.
