New ISF Paper Attempts to Demystify AI in Information Security

In a paper released today, the Information Security Forum is urging organizations to capitalize on the opportunities offered by artificial intelligence while taking sensible steps to reduce the risks posed by this still immature technology.  

Demystifying Artificial Intelligence in Information Security defines exactly what AI is, then lays out a realistic analysis of what it can do, and will be able to do soon, for both legitimate organizations and criminals.

While detailing AI's potential to significantly improve cyber-defenses, especially around early threat detection, ISF's research recognizes that the technology carries with it the disease as well as the cure. 

Researchers wrote: "No matter the function for which an organization uses AI, such systems and the information that supports them have inherent vulnerabilities and are at risk from both accidental and adversarial threats. Compromised AI systems make poor decisions and produce unexpected outcomes.

"Simultaneously, organizations are beginning to face sophisticated AI-enabled attacks—which have the potential to compromise information and cause severe business impact at a greater speed and scale than ever before."

According to researchers, companies that have already adopted AI while it's still in its baby feathers have enjoyed benefits that include being able to counter existing threats more easily. But, as threat actors nurture their own twisted versions of the new technology to maturity, this early advantage will shrink into nothingness. 

"An arms race is developing," said ISF's managing director, Steve Durbin. "AI tools and techniques that can be used in defense are also available to malicious actors including criminals, hacktivists, and state-sponsored groups. 

..

Support the originator by clicking the read the rest link below.