The quickly evolving nature of AI is a double-edged sword so far as cybersecurity goes. As user-friendly and helpful as Generative AI (Gen AI) will be, it is additionally being misused ever extra often in the type of trickery and manipulation, corresponding to deepfaking the voice, face or identify of an individual or organisation to elicit funds. By 2027, for instance, 17% of complete cyberattacks will contain the usage of Gen AI, in keeping with Gartner1. This determine is anticipated to rise rapidly.
Whereas high-profile incidents proceed to underscore the dimensions and class of AI-driven threats, the identical know-how additionally equips firms with highly effective, proactive instruments to defend their vital infrastructure and keep forward of attackers. For instance, detecting patterns to determine intrusions into networks, or recognizing new malware and different threats can flag uncommon and doubtlessly dangerous exercise a lot faster than any human might.
As a end result, AI’s position in cybersecurity has advanced from a technical concern into a strategic enterprise crucial.
“Cybersecurity is among the key considerations at present, and corporations are investing closely to fight this”
Aaron Chiew, Head of Digital Channels for DBS’ Institutional Banking Group
AI’s darkish facet: New frontiers in cyber threats
AI brings highly effective capabilities, however those self same capabilities are amplifying cyber dangers in three main methods:
- Accelerated processing instances – AI can course of huge datasets very rapidly, enabling scammers and fraudsters to determine exploitable patterns and design new rip-off ways with unprecedented effectivity.
- The prevalence and believability of deepfakes – a case in level was in Hong Kong, the place deepfake know-how was used to impersonate firm executives on a video name, efficiently convincing an accounts clerk to switch $25 million to fraudsters.2
- Speedy creation of misleading or manipulative data within the type of rip-off content material – together with automating rip-off calls, producing reasonable trying faux advertisements, and creating web sites that mimic professional companies to trick folks into offering delicate data or making unauthorised funds.
Such threats have far-reaching repercussions, past the apparent monetary losses. Some of the damaging is the erosion of belief, each inside the organisation and with shoppers.
For instance, Chiew famous staff might begin to query the authenticity of the calls they obtain, unsure whether or not they’re really chatting with the particular person they imagine they’re. This rising uncertainty might result in extra verification steps and processes to verify the legitimacy of communications. “What might need been a fast transaction within the pre-AI world might now take for much longer,” he stated. “Whether or not companies can preserve the identical degree of operational effectivity going ahead is more and more unsure.”
The harm doesn’t cease on the workplace door. Rebuilding belief with clients can take a very long time as soon as a cybersecurity incident turns into public information.
Stepping up defences in opposition to AI cyber threats
Firms should not standing nonetheless on this new period, with the risk from AI now high of thoughts. For instance, 66% of organisations count on AI to have probably the most vital impression on cybersecurity within the yr to return3.
In response, funding in cybersecurity safety measures has risen considerably throughout varied business sectors. For instance, in August 2024, Gartner projected that international end-user spending on data safety would develop by 15% this yr to $212 billion4.
On the similar time, firms are reviewing their processes and implementing stricter communication insurance policies with regard to the position of AI instruments as a complicated solution to rapidly spot and reply to risks, stated Chiew. “They’re relooking at how they work together with one another in a digital area, to know how they implement these cybersecurity safety measures safely so the present processes can run easily.”
That is triggering motion corresponding to extra outlined knowledge safety insurance policies when it comes to assortment and storage, together with stricter pointers for utilizing social media, plus common penetration testing of techniques and infrastructure.
Turning cyber threat into operational resilience
Firms are at totally different phases of their cybersecurity journey, however in all instances a transparent and structured path to safety is important.
Based on Chiew, early-stage firms ought to begin with the fundamentals:
1. Confirm all requests rigorously
At all times double-check the credibility of requests acquired by electronic mail – particularly these involving delicate monetary modifications. For example, if an worker requests a payroll replace or a provider emails to vary financial institution particulars, verify the request by calling again utilizing a verified quantity on document.
2. Audit your inner processes
Often evaluate inner workflows to determine weak factors that could possibly be exploited by means of human error or fraud. Even small procedural gaps can open the door to cyber threats.
For mature-stage firms, the secret’s to strengthen and stress-test:
1. Put money into penetration testing
Interact cybersecurity professionals or specialist businesses to conduct penetration testing and simulate assaults. This helps uncover vulnerabilities in techniques, processes, or infrastructure earlier than attackers do.
2. Constantly monitor and improve techniques
Periodically evaluate your infrastructure and safety protocols to remain forward of evolving threats. As Chiew warns: “It solely takes a single loophole or hole – and for scammers, discovering and exploiting these gaps is a full-time job.”
Discover DBS’ assets for companies to guard in opposition to scams: https://go.dbs.com/ProtectYourBusiness
Keep forward of the curve with Enterprise Digital 24. Discover extra tales, subscribe to our e-newsletter, and be part of our rising neighborhood at nextbusiness24.com
