AI is a ‘double-edged sword’ in cybersecurity, says this professional

14 Jun 2023

Image: Catherine Williams

BT’s Catherine Williams on why cybersecurity is a matter for everyone and how there are no silver bullet quick fixes when it comes to threat defence.

Catherine Williams is a threat intelligence specialist, which might sound like she busts spies for a living but in reality, she’s more likely to be faced with an attack orchestrated by an automated bot.

In her line of work as a cybersecurity professional with telecoms giant BT, Williams has seen ChatGPT completely change the threat landscape. “AI-powered bots such as ChatGPT can be used to automate cyberattacks, such as phishing campaigns or brute-force attacks. I think one of the most unnerving developments is the ability of these bots to mimic human behaviour, where they can engage in convincing conversations, gather sensitive information and manipulate users into taking actions that compromise their security.”

That’s not to say that AI is all bad news. “We’re getting AI on both sides of the battlefield whereby adversaries are actually employing AI techniques to evade AI-powered detection systems,” says Williams, adding that “it is important to recognise that AI in cybersecurity is a double-edged sword.”

AI on both sides of the battlefield

While she says AI is introducing new challenges and risks, it is also “massively enhancing cybersecurity capabilities”. For example, it is improving the efficiency and accuracy of threat detection by analysing vast amounts of data in real-time; detecting things that may be missed by traditional security tools.

It is also able to generate algorithms to analyse malware behaviour and identify new, unknown threats, according to Williams. And that isn’t all. AI can strengthen authentication mechanisms by incorporating biometrics, behaviour analysis and adaptive access control.

“Because of its dual-use, robust AI governance, constant monitoring and the progression of defensive AI technologies is crucial,” as a caveat against bad actors, warns Williams.

She has noticed a rise in nation-state-sponsored cyberattacks and threats, which, she says often involve “advanced persistent threats aiming to steal sensitive information, disrupt systems or gain control over critical assets”.

Her role at BT involves working to extract intelligence from big datasets the company works with. She adds context where appropriate to the intelligence before making it accessible to the right stakeholders.

Aside from the evolving threat landscape, the biggest challenge Williams faces is the sheer scale of the data she works with. “We’re talking petabytes.

“This can feel overwhelming, so it needs to be filtered in the right way to make it manageable and help us prioritise the key threats to ourselves and our customers.” In filtering the data, there are legal and privacy considerations to be taken into account – everything has to be in accordance with data protection laws.

‘Frustrating’ misconceptions around cybersecurity

There are also a lot of misconceptions around cybersecurity to contend with. Perhaps the biggest, most “frustrating” one Williams identifies is people thinking security is solely an IT person’s concern.

“Cybersecurity is a shared responsibility that involves everyone in an organisation, from top-level executives to end-users. It should be integrated into the company culture, with employees trained in security awareness to follow best practices, policies and procedures – whether that’s what phishing methods to look out for, or the fact that a strong password is not infallible and that the slight inconvenience of additional verification methods is actually a big part of what makes the human firewall strong against attacks.”

With the adoption of cloud computing growing all the time, Williams says it is crucial to secure environments as vulnerabilities in cloud infrastructure or human error can lead to data breaches and attacks. Likewise, IoT devices have introduced similar new security challenges.

“Collectively, people have a choice: do they continue to be the weakest link in an organisation’s security posture or do they shape up on the security front and become part of a powerful ring of defence,” says Williams.

‘No silver bullet solution’

Everyone has to worry about security, no matter what the size or perceived value. “Automated and opportunistic attacks can target anyone…Even if it is believed you don’t have sensitive data, you can still be targeted for your infrastructure, e.g. becoming the latest botnet recruit, or for compromising customer or third-party data.”

And Williams has bad news for anyone looking for a security quick fix. “There is no silver bullet solution that can guarantee complete cybersecurity. A comprehensive cybersecurity strategy requires a combination of multiple security measures, including a multi-layered defence approach, with regular updates and ongoing monitoring.”

Perhaps the reason she is so emphatic about the need for better overall understanding of cybersecurity is she has personal experience.

“My interest in cybersecurity and IT in general was sparked relatively late on, as a result of a prolonged cyber incident which negatively affected my personal life,” she recalls, adding that she considered herself “an utter tech newbie” until she began her current career path. She comes to tech from a background in medicine and biomedicine.

“The transition into cyber from medical science, however, was not as difficult as you might suppose. There are a lot of transferrable, cross-disciplinary skills such as problem-solving, statistics and in-depth research and analysis.”

She is proof that cybersecurity is for everyone – and for anyone thinking of honing their cyber safety skills, she advises: “Getting curious and learning about cybersecurity will not only increase your safety online, but may even lead to a rewarding and thoroughly enjoyable career.”

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Blathnaid O’Dea was a Careers reporter at Silicon Republic until 2024.