LogRhythm feels 2024 will be all about AI in cybersecurity

• AI will be core to cybersecurity in 2024.
• In 2024, the symbiosis between AI and botnets will witness a significant surge.
• The shortage of skilled AI professionals stands out as a key obstacle to AI adoption in Asia Pacific.

Generative AI in cybersecurity is already becoming an increasingly sought-after solution for businesses in 2023. This momentum is expected to continue in 2024 as businesses look to rely on AI to not only boost their cybersecurity but also to solve the shortage of cybersecurity talent.

Generative AI cybersecurity solutions today can enhance cybersecurity in several ways. Those include automating repetitive tasks and reducing human error, as well as detecting and responding to cyberthreats faster and more efficiently. AI in cybersecurity can also use predictive intelligence to anticipate and prevent attacks. Businesses can also use AI to balance security with user experience and reduce fraud.

While AI is becoming a core component of organizational strategies to defend data and systems from cyberattacks, it also poses some challenges and risks for cybersecurity, such as:

• Generating realistic and convincing fake content and identities
• Exploiting vulnerabilities and biases in AI systems and data
• Evading detection and attribution by using AI techniques
• Increasing the complexity and sophistication of cyberattacks

Therefore, AI in cybersecurity requires careful design, implementation, and oversight to ensure its benefits outweigh its drawbacks.

Generative AI will augment cybersecurity

According to Andrew Hollister, CISO and VP Labs R&D at LogRhythm, generative AI will augment, not replace, Security Operations Centers (SOC) analysts in cybersecurity. As the cybersecurity landscape evolves, generative AI’s role within SOCs will be characterized by augmentation rather than replacement of human analysts, due to its maturity limitations.

For the Asia Pacific region, which faces a critical shortage of 2.7 million cybersecurity workers, Hollister believes that generative AI will be able to help and enhance the capabilities of short-staffed SOC teams with the necessary expertise to interpret its output, proving especially valuable for mid-level analysts.

“Organizations will need to discern genuine generative AI contributions from marketing hype, and the debate between investing in more technology like generative AI or hiring additional SOC analysts will persist, with the human factor remaining crucial. Success will depend on aligning these tools with analyst workflows rather than relying on superficial intelligence,” said Hollister.

At the same time, Hollister pointed out that generative AI adoption will lead to major confidential data risks.

“Just as there was initially a lack of understanding regarding the shared responsibility model associated with cloud computing, we find ourselves in a situation where generative AI adoption lacks clarity. Many are uncertain about how to effectively use generative AI, where its true value lies, and when and where it should not be employed. This predicament is likely to result in a significant risk of confidential information breaches through GenAI platforms,” added Hollister.

This echoes findings from a recent survey of channel partners by LogRhythm, which found 47% to have grave concerns about AI tools causing data leaks, while 18% are particularly anxious about potential leaks of proprietary business data.

Investing smartly in cybersecurity

As 2023 witnessed increased investment in AI cybersecurity solutions, Kevin Kirkwood, the deputy CISO at LogRhythm pointed out that static security investments will leave organizations vulnerable to evolving threats.

According to Kirkwood, a concerning trend will persist in the cybersecurity landscape, whereby organizations repeatedly invest in security measures on the assumption that their security posture is sufficiently fortified. However, a critical perspective often overlooked is that hackers share this same mindset, recognizing when organizations become complacent in their investments.

“The reality is that security is an ever-evolving landscape, and if a security program is not continually adapting and enhancing its defenses, it remains vulnerable to emerging threats. The new year will underscore the importance of not just initial investments but a sustained commitment to security to effectively thwart evolving cyberthreats,” Kirkwood mentioned.

What’s more, in 2024, AI in cybersecurity will shift from hype to practical application. As security companies proudly proclaim their use of AI and machine learning as supportive tools, focusing on how these technologies can accelerate tasks and elevate the capabilities of analysts, the hype surrounding AI will begin to wane as it enters the “valley of despair,” prompting a shift from marketing emphasis to practical education on its applications.

“The question of AI’s mainstream integration into our culture will persist, reflecting the ongoing exploration of its true potential and practical implementation in cybersecurity,” added Kirkwood.

Meanwhile, Sally Vincent, senior threat research engineer, believes that in 2024, the symbiosis between AI and botnets will witness a significant surge.

“The convergence of AI capabilities will empower the proliferation and sophistication of botnets, amplifying their potency to orchestrate complex cyberthreats. AI-powered botnets will exploit advanced algorithms to expand their reach and impact, intensifying the challenges faced by cybersecurity. This alarming trend will necessitate innovative defense strategies and heightened vigilance to counter the escalating threat posed by botnets, reshaping the landscape of digital security measures,” Vincent explained.

AI and cybersecurity in Asia Pacific

IDC predicts that spending on digital technology by organizations will grow at four times the rate of the economy in 2024. Additionally, by 2027, 80% of CEOs will assert that their C-suite technology leader’s primary function should be to invest in digital-first initiatives, according to an IDC prediction.

In fact, IDC claims that by 2026, tech providers will allocate half of R&D, staffing, and CAPEX investments to AI/automation, resulting in CIOs struggling to align vendor selection and IT operations priorities with new use cases. As AI evolves from handling specific tasks to broader applications, the need for data-centric infrastructures, skill transformations, and trust will be further emphasized.

Joanne Wong, vice president for international markets at LogRhythm highlights the shortage of skilled AI professionals as a key obstacle to AI adoption in Asia Pacific. Wong explains that the coming year holds immense promise for businesses to realize the value of AI at work. Yet the lack of skilled professionals remains a barrier to greater adoption of AI solutions in Asia Pacific.

“It is evident that despite the advantages AI offers in terms of automation, human expertise continues to play a pivotal role in bridging the gap between the capabilities of an AI solution and the distinct requirements of an organization. With AI poised to add US$1 trillion to the ASEAN’s GDP, businesses will have to bolster AI skills training and initiatives, and equip the workforce with the skills and tools needed to maximize the full potential of AI at work,” stated Wong.

Singapore’s Changi Airport Terminal 5 and Tuas Port, along with Indonesia’s ambitious Nusantara capital project, are at the forefront of major infrastructure developments poised to propel economic growth in the region. However, as these projects are designed to be digitally native, they introduce numerous vulnerabilities that malicious actors could exploit.

Wong explained that this situation escalates the demand for cybersecurity professionals specializing in critical infrastructure. These experts are essential for devising and implementing solutions to safeguard against the unique threats these advanced systems face.

Looking into AI-powered attacks in 2024, Wong pointed out that the healthcare industry will be most susceptible to such attacks. Highlighting Singapore’s public healthcare institutions’ DDoS attacks in 2023, Wong said ensuring the security and continued operations of healthcare institutions will be top of mind for many.

“As AI becomes more integral in diagnostics, patient data management, and medical tools, there will be a notable rise in targeted breaches, jeopardizing the confidentiality and reliability of vital health information. The vulnerability of interconnected systems will compel a critical reevaluation of cybersecurity measures, marking a pivotal moment in fortifying defenses against AI-powered attacks in healthcare,” she concluded.

---

---

---

---