The world around us is digitising at mesmerising speed. As an IT product consumer, it’s incredible to see how fast new updates pop up on your smartphone. Collaboration tools add new productivity features on a daily basis. And customers and business partners expect organisations to accelerate in terms of digital experience and client focus at that same lightning speed.
Organisations want to protect their most valuable assets—the ‘crown jewels’—from the prying eyes of competitors, from getting compromised by malicious adversaries and from misaligning with corporate and regulatory policies. Faster than ever, more consistently than ever.
It can be difficult to keep pace on the delivery side, but the challenges are even greater for cybersecurity teams. Across all industries and enterprise sizes, effective cybersecurity leaders are tapping into maturing AI technologies to assist with the day-to-day safeguarding of crucial digital assets.
As in other countries, the cyber threat landscape in Belgium is heavily influenced by AI. An increase in cyberattacks has led businesses to look to AI to assist with their decision-making processes. Existing technologies are augmented with AI, helping to triage events and suggest improvements to control surfaces, such as technology policies, firewall settings, and anti-malware configuration.
This opportunity to introduce AI to the decision-supporting or even decision-making processes, can free up Tier 1 and Tier 2 analysts to assist with more specialised tasks—and with the continuing shortage of IT and cybersecurity specialists in Belgium, businesses that up-skill their analysts may gain an operational advantage in terms of efficiency and retention.
In addition, and as mentioned in the Tech Stack Goes Physical, Belgian businesses have increasingly embedded smart devices at the heart of their operations. As a result, the attack surface in 2022 is much expanded compared to the beginning of 2020, with mesh networks, large scale IoT implementation and the introduction of 5G and 6G networks.
However, hesitancy remains around certain crucial processes. AI has not yet taken off in industrial control systems due to concerns around the ethics (transparency) and security of the algorithms.
As businesses use AI to defend themselves, cyberattackers are increasingly attacking the AI algorithms, installing bias, and using AI bots and AI to introduce ‘fuzziness’ into the attacks, in order to avoid detection. They have also used AI to slow down their attacks, submerging them into day-to-day noise to avoid detection. For example, slow password guesses often go unnoticed among the many genuine instances of users entering incorrect passwords. Attackers in Belgium are increasingly seen to be advanced, determined, and have time on their side.
While this adoption of AI by cyberattackers increases the challenge for defenders, the outlook is positive. Cybersecurity teams succeed in detecting cyberattacks at earlier stages thanks to AI-driven decision support systems, and are able to apply smarter defence technology to actively adjust cyber security measures based on the behaviours observed in both users and attackers. Cyber defence enabled by AI also allows defence engineers to manage larger networks, with higher numbers of loosely-connected devices. In Belgium and abroad, AI-enabled defensive technologies are ready for deployment and have transitioned into mainstream security solutions.
There’s no denying that AI could have a significant impact on all aspects of business and society, and organisations that do not incorporate AI will be left behind. Cybersecurity issues are likely to persist, with AI offering an impactful solution. Major players are increasingly marketing the extensive potential of AI, however it remains to be seen if they can deliver on all the promises. The implementation of AI also gives rise to many ethical questions that the proposed AI Act will hopefully address as it strives to become the global standard, ensuring that AI has a positive rather than a negative effect on people’s lives.