The explosive emergence of AI on the scene of the IT world has caused jubilation, panic, confusion, and questioning. There seems to be more questions than answers at this point in time with just how far this technology will go and the impact that it will have on modern society. In this blog, I am going to focus on breaking down the pros and cons of the impact that AI is going to have on cybersecurity. Regardless of your stance on AI, it is here to stay and will not be able to be regulated through a government entity for a long amount of time. It is better to prepare yourself for what is to come and to be informed on the topic rather than deny the existence or move too slow to adapt.

So, what is AI? I'm sure that 99% of the people reading this article know what AI is but I'm still going to put it in plain terms for people to reinforce the other topics discussed in this blog. AI stands for Artificial Intelligence. It is different based on different companies and use cases so when I think of it in broad terms I think of it as: Different computer entities that are trained via humans or complex coding algorithms to be able to do complex tasks that would normally require a human to do. This generally means that they are highly functional and incredibly efficient at medial tasks that may take humans a long amount of time to complete. For instance; analyzing data, identifying patterns, creating text, audio or videos, and creating responses to prompted data. AI in cybersecurity will involve detection, response, monitoring, analytics, advanced malware, convincing phishing, mimicking of personal traits, and data manipulation.

Let's talk about the positives first. The potential use that AI has is like automation on steroids in the realm of cybersecurity. AI can almost instantly detect threats and respond to incidents that occur. AI sifts through large amounts of data and can identify patterns and anomalies that could be potential security threats. Preventative measures through past analysis of incidents with constant threat updating from multiple databases is also possible with AI. All of this is in combination with normal automation that has taken hold of the cybersecurity industry over the past decade. AI is improving the accuracy and reducing false positives through constant learning. The constant learning practices of AI also allow it to be able to more quickly detect new vulnerabilities by constantly comparing CVEs and security databases. AI is not only used as a shield from the outside world but also within organizations as well. One major thing that isn't talked about as much as I believe it should is the ability that AI computing has on reverse engineering exploits. All of the other things that I have mentioned can be performed by regular automation but the higher computational algorithm possibilities will make AI extremely efficient at these processes. The ability for an ethical hacker to discover the methods of an exploit creation via AI will save countless hours and help to bring a lot of unethical hackers to justice.

Malicious practices are a given with any new technology or computational device. AI powered attacks will be more powerful and sophisticated providing advanced malware, phishing attempts, and AI driven DDoS. An expert unethical hacker could potentially develop AI to adapt to network defenses in the same way that the network defenses use AI to detect the threats. The main method of operation that I believe AI will be used for in the unethical world would be the ease of which natural language can be used in phishing attempts. A hacker could potentially use AI to craft realistic conversations and emails to reach out to people in attempts to steal credentials or information. A zombie botnet could be amplified beyond belief with AI possibilities. Another malicious method of operation that AI could potentially be used for is data manipulation. When large data sets are involved, AI is perfect at sifting through them and changing outcomes. A malicious actor could use this purpose for AI for influencing political data sets in bias injections. We've already seen this happen in some LLMs that have become overly political bias towards one side or the other. It has actually already gotten to the point where people have created methods of diagnosing the political bias of these LLMs so that you can use them at your own discretion.

AI is a tool that is not going away. Whether you believe it is good or bad for the world, this technology is going to become a big part of the tech industry and your daily life if it hasn't already. The benefits of AI in cybersecurity will go as far as the vendors are allowed to take them and how well they are implemented. Things like advanced automation, detecting anomalies, constant threat updating, improving accuracy, and reverse engineering exploits are things that AI excels at. On the other side of the coin, things that can be used for harm include: advanced malware creation, phishing attempts, and DDoS. The only way for a cybersecurity professional to provide the best protection is to stay informed on these tools and to use them to their advantage.

-Macon Moyer 1/23/25