Q&A with Dalal Alharthi, assistant professor in the College of Applied Science and Technology and former corporate cybersecurity engineer.
What are some of the ways AI is changing how enterprises approach cybersecurity?
Today, AI is used mainly for detection. Companies are using AI-powered threat detection tools to search the internet for files that may have accidentally been made publicly accessible, leaked data and employees creating random logins using their company email and password. AI can deliver daily reports on those types of security issues.
One of the hot issues in industry, however, is how to use AI to automate the remediation of vulnerabilities. Having AI automatically fix security issues it detects is fast and cost efficient, but it can also break other functionalities in the process. The challenge is how to strike the balance between human and AI remediation.
Cybersecurity is always an arms race. Has AI introduced new threats?
Certainly, AI has indeed introduced novel threats, not only by enabling more sophisticated and automated cyberattacks, but also by creating convincingly deceptive phishing emails.
But from both a researcher perspective and a practitioner perspective, the more I learn about this field, the more I know that there is no way that we can be 100% secure.
Social engineering – manipulating or deceiving someone – will always be the way to gain unauthorized access, so I think it’s really “the human firewall” we need to work on more. Even with the most advanced technologies, if we do not invest in employee awareness, we will never be secure.