Artificial intelligence is both a curse and a blessing for cybersecurity efforts. On the one hand, cybercriminals can use the technology to launch ever-more sophisticated attacks. On the other, security teams can leverage AI to better detect potential threats.
CFOs looking to help bolster cybersecurity in their organizations need to have a thorough understanding of both sides of the coin. Here’s a look at how AI is having an impact on cybersecurity, for better or worse.
The bad
Attackers are using AI to generate more phishing and spear-phishing attacks than ever, and they are harder than ever to detect and stop by enterprise staff, says Dan Lohrmann, field chief information security officer at technology services and consulting firm Presidio.
As agentic AI emerges it will become a new cyber threat vector, Lohrmann says.
“Agentic AI, capable of independently planning and acting to achieve specific goals, will be exploited by threat actors,” Lohrmann says. “These AI agents can automate cyberattacks, reconnaissance and exploitation, increasing attack speed and precision.”
Malicious AI agents might adapt in real-time, bypassing traditional defenses and enhancing the complexity of attacks, Lohrmann says.
AI-driven scams and social engineering will surge, Lohrmann says. “AI will enhance scams like ‘pig butchering’ — long-term financial fraud — and voice phishing, making social engineering attacks harder to detect,” he says.
AI helps tailor phishing messages, making them highly believable and leading employees to falsely assume they’re from trusted colleagues, friends or family, says Mike Cullen, principal at advisory, tax and assurance firm Baker Tilly. “The technologies used in these sophisticated attacks pose a huge threat to organizations, especially those lacking proper employee cybersecurity awareness and training,” he says.
“Failing to consider the risks associated with the rise of AI-powered platforms can place a business at risk of serious repercussions.”
Melissa Carmichael
Head of U.S. Cyber, Beazley
One of the most significant AI-based threats is deepfakes and impersonation, “Sophisticated AI-generated deepfakes and synthetic voices will enable identity theft, fraud and disruption of security protocols,” Lohrmann says.
“Bring-your-own-AI”, where staff brings their own free tools and/or use unauthorized paid tools and AI apps that are not secured, will accelerate, Lohrmann says. “There is an explosion of ‘shadow IT’ or ‘shadow AI’ that can lead to sensitive data being put into these consumer apps,” Lohrmann says.
This unauthorized use of AI could cause privacy and security incidents, loss of control of personally identifiable information, Lohrmann says.
Generative AI, or AI that creates content, can also assist in phishing and deepfake attacks, as it is empowering cyber criminals with the ability to enhance their techniques and increase their threat to victims, says Melissa Carmichael, head of U.S. Cyber at Beazley, a specialty insurer.
“Sophisticated generative AI-enabled phishing attacks are leaving victims and businesses exposed to a more heightened risk than ever before,” Carmichael says. “Failing to consider the risks associated with the rise of AI-powered platforms can place a business at risk of serious repercussions,” Carmichael says.
The good
AI can also benefit organizations’ cybersecurity programs. “In general, AI-enabled platforms can provide a more robust, technology-backed line of defense against threat actors,” Cullen says. “Because AI can process huge amounts of data, it can provide faster and less obvious alerts to these threats.”
Cybersecurity teams need to “fight fire with fire” by detecting and stopping threats with AI tool sets, Lohrmann says. For example, with new AI-enabled tools employee actions such as inappropriate clicking on links, sending emails to the wrong people, and other policy violations can be detected and stopped before a breach occurs.
“Similarly, new AI–enabled cyber tools can detect trends on networks and stop data breaches before they happen or alert while they are in progress,” Lohrmann says. “For example, a denial-of-service cyber attack or malicious code being deployed or data being exfiltrated could be detected in real-time and stopped before damage is done.”
AI can also be used for training and simulations regarding tabletop exercises, planning for cyber and other emergencies and communicating situational awareness to the right people during a cyberattack, Lohrmann says.
CFOs can ensure AI tools enhance cybersecurity by aligning investments with business goals, prioritizing tools that provide real-time threat detection and leveraging AI to automate repetitive tasks like monitoring and risk analysis, Lohrmann says.
Indeed, the automation enabled by AI and machine learning can be one of the biggest benefits for cybersecurity processes. Organizations can use AI to monitor their network traffic and analyze user behavior to look for anything that might be troublesome. And AI can automate routine tasks, freeing up security teams to focus on more complex issues.
“New AI-enabled cyber tools can detect trends on networks and stop data breaches before they happen or alert while they are in progress.”
Dan Lohrmann
Field chief information security officer, Presidio
Collaborating with cybersecurity teams, CFOs should assess return on investment and compliance impact, to ensure that the tools and services they are implementing are actually working effectively, Lohrmann says. “Regular audits of AI effectiveness, coupled with employee training on AI-enabled systems, ensure seamless integration and adaptability to emerging threats while safeguarding organizational assets,” he says.
A human-based cybersecurity function performing practices such as proactive risk management, incident response planning, recovery planning, training and awareness is still the best strategy for risk mitigation, Cullen says. “But using tools like AI can help organizations perform those tasks more effectively,” he says.
AI isn’t going away; in fact, it’s going to be more and more prolific as companies find new and more effective ways to leverage the technology for business gain.
Cyber criminals will be making the most of AI to launch more sophisticated attacks than ever. That means CFOs and the security leaders and teams at their organizations need to not only stay up on the latest threats but use AI tools and services to strengthen their defenses.
