What does AI mean in the context of security?

On the face of it, AI in the context of security settings is a game-changer. It’s highly effective, targeted and extremely beneficial to businesses across Suffolk, Norfolk and Essex. It’s just as effective for small and medium-sized businesses as it is for large organisations, and it can be used in any sector.

But we recognise that while artificial intelligence, data analytics, automation and machine learning have been around for years, “AI”, as we now conceptually recognise it, has only been in the mainstream since ChatGPT was released onto the market in the latter stages of 2022.

We know that as a business owner, you will have plenty of questions about what AI genuinely means in the context of cybersecurity.

That’s why we want to explain the role that AI plays in cybersecurity and whether AI can be used to detect threats. We will share our opinion of what works (and doesn’t work) and explain how your business can successfully use AI as part of your cybersecurity strategies.

If you are nervous about implementing AI into your cybersecurity plans, it’s worth taking advice from the National Cyber Security Centre (NCSC).

In a 2024 article, the NCSC points out that AI is “undoubtedly impressive in its ability to generate a huge range of convincing content in different situations” but recognises that any use of AI is “only as good as the data they are trained on”. To help businesses understand more, the NCSC has published clear guidelines for secure AI system development. We highly recommend reading this to help you improve your knowledge of AI for security.

For example:

This instant access to real-time tracking and predictive datasets means that we can effectively identify, prevent and remedy any potential issues before they escalate into serious problems.

The NCSC has created a list of questions that any business owner should ask about the security of your organisation’s AI systems. As IT security experts, we believe that it’s essential that any senior decision-maker reads these questions before investing in any AI tools or software (across any part of your business). As the NCSC says – “keeping AI systems secure is as much about organisational culture, process, and communication as it is about technical measures.”

Unlike the Cyber Essentials assessment, to pass the more robust Cyber Essentials Plus certification, you must achieve a 100% pass rate on your evaluation. If there are any areas of non-compliance, you will have 30 days to rectify the issues.

AI, in the context of security settings, is hugely beneficial because of the speed at which it can manage threat detection and mitigate issues.

But our cybersecurity experts also recognise that bringing artificial intelligence into your security systems can have many other business benefits that you might not be aware of.

Cost-effectiveness.

If you are an SME in Suffolk (or even if you are not), you’ll be well aware that you need to make every penny stretch as far as possible.

In our opinion, AI will never (and should never) be the sole strategy behind your security settings, but it can play a huge role in limiting costs. The benefits of automation mean that our cybersecurity team can free up their time, which means that you get far more ‘bang for your buck’.

We believe that every business, no matter what their size, should have easy access to strict cybersecurity settings. The great news is that many of the tools we use are now added to your subscriptions as standard. The likes of Microsoft, Fortinet, and Barracuda will have aspects of AI built into their programmes, so you won’t have to pay for additional fees, as you may already have access to the features you need.

It can be scaled up (or down)

Your cybersecurity settings need to be working in parallel with your business size. As you add more users to your systems, your risk levels will increase.

AI in security strategies can quickly respond to your changing business demand with little to no extra effort. This means that as your data sizes change throughout the year (perhaps your business has seasonal demand), the AI will respond accordingly.

AI offers a level of consistency.

AI solutions in security settings can offer a significant level of consistency that human-led interventions cannot manage. The enhanced data processing takes place in the background on a continuous cycle, ensuring that any potential issues are identified and flagged almost instantly. That constant level of threat detection is essential for your business protection.

It can adapt to emerging threats.

We appreciate that AI cybersecurity solutions are adaptive and flexible. The processing speed at which it recognises anomalies and malicious behaviours means that it can be alert to issues that haven’t yet been identified. As cybercrime is continuously adapting, your AI can offer protection against future problems as well as known vulnerabilities.

AI can identify skills gaps in your workforce.

Whether you are handling your IT yourself or working with an in-house IT manager, AI can play an essential role in managing any internal skills gaps. Threat detection changes daily, and it can be complicated to stay on top of the training and knowledge that you need to make informed decisions. AI may be able to minimise those skills gaps by filling in that talent gap as you seek to recruit for or outsource your wider cybersecurity activities.

In our opinion, some of the disadvantages of implementing AI into security solutions include –

Complex maintenance

AI can only work on its trained capabilities; therefore, retraining needs to take place on a regular basis to ensure it’s always working effectively.

Issues will need to be addressed, rectified and monitored by trained professionals. Those experts will be able to understand and interpret what the data is telling them – but more importantly, they’ll know when to bring in their own knowledge and intuition as part of any remedial action.

AI can be effective, but only when it’s managed by someone who knows what they are doing. Smaller organisations may not have the technical skills or available resources to understand how their AI is protecting them.

Unknown biases and inaccuracies

The installation of any AI software in any business context (not just security) relies on transparent data quality. There is a huge risk that any AI has the potential to fall down because of inaccuracies and unknown biases. This could impact your security decision-making because the data may not be correct.

As a cybersecurity team in Ipswich, we talk to each other and our clients to establish clear goals and outcomes. During those discussions, there’s always a ‘what if’ moment, where we can look at different perspectives or approach a situation from a different way. An AI system doesn’t have that ability, so any training data must be diverse and unbiased.

Vulnerability to AI attacks

AI can keep you secure. But it can also lead to vulnerabilities.

Hackers are incredibly clever people. They know how to create and exploit issues – if your entire security system is built on AI to strengthen it, then that same AI could be used against you.

For example, generative AI is often used by businesses to write their content – from webpages to emails. However, the more open-source platforms are used (such as ChatGPT), the more risks there are that you are inadvertently teaching an AI model how to replicate your brand voice. This could create a weakness where hackers can create more successful phishing scams.

Similarly, spam detection tools might not recognise AI-forged documentation, and other AI tools may be able to use rapid programming to establish multiple password configurations.

Privacy and ethical considerations

The privacy concerns of using AI can be a minefield. Users should always be aware of how their data is being used to inform language learning models – and individuals should have the opportunity to opt-out if they wish.

The data privacy complications of AI are extremely complex, especially if you have a mix of internal staff and external guests accessing your systems, data or networks. You may have to deal with regulatory compliance processes and provide documentation to showcase what data you are using and why.

The Information Commissioner’s Office has a valuable toolkit on the topic of AI and data protection. We highly recommend that you read their guidance carefully to ensure full compliance with their recommendations.

To overcome these privacy concerns, any AI system should be built with stringent data privacy safeguards. Personal data must be encrypted, and you must have strict disaster recovery processes in place to deal with any potential data breach. As we’ve said, AI can analyse vast volumes of data, so you need to be confident that your data is being protected and held securely at all times.

We welcome the growth of AI security tools; not only do they make our jobs much easier, but they are vital to ensuring your protection and safeguarding your business.

We advocate for businesses across Ipswich, Colchester and Felixstowe to invest in AI cybersecurity defences because we’ve seen first-hand the impact that a cyberattack can bring. We believe that local businesses need to prioritise cybersecurity as much as possible, and AI creates a consistent yet cost-effective solution.

However, for it to work effectively, AI needs to be combined with human knowledge. It won’t do the job for you – it needs to be guided and trained and maintained. But when it works properly, it will almost certainly protect you from harm.

If you’re still keen to read more, why not read our blog article “Bringing Artificial Intelligence into IT support services” You may also be interested in “Cybersecurity and AI: Is it a help or a curse?”

Or call us on 01473 355199

As Technical Director, Karl is our most senior engineer and responsible for delivering solutions and providing support to our 2nd and 3rd line engineers ensuring that they can resolve any technical issues reported by our clients.