According to one cybersecurity firm, the trick is keep a sharp eye out for the known problems of the AI bots.

With the Asia Pacific region (APAC) reported in need of around 2m cybersecurity professionals to defend against increasingly sophisticated and well-funded threat actors, AI is being touted as the stop-gap measure to “keep the lights on”.

According to Saurabh Sharma, Senior Security Researcher, Kaspersky, as of 2022, a talent gap of 52.4% exists despite APAC’s ongoing recovery from the COVID-19 pandemic: “This urgent need can drive IT security teams to look into using smart machines in augmenting their organizations’ cyber defenses, and AI can help in key areas like threat intelligence, incident response, and threat analysis.” Noting that technologies such as ChatGPT can assist even in identifying critical components in a malware code, de-obfuscating malicious scripts, and creating dummy web servers with particular encryption schemes, the researcher said AI algorithms can be used to quickly access and analyze previously published research and previously seen tactics, techniques, and procedures (TTP’s), leading to the development of “threat hunting hypotheses” to work on.

Sharma suggested that, to help in cyber incident response workflows, AI can be used to suggest anomalies in a provided set of logs; understand a security event log; generate how a particular security event log may look like; perform analyses of tools used in an attack, and even suggest steps to look for initial implants such as web shells.

The firm does recognize that there are limitations to what AI can be deployed on, and reminds enterprises and organizations in the region to:

    • Focus on the augmentation of existing teams and workflows
    • Ensure transparency in any exploration and application of Generative AI, especially when it can provide incorrect information in some instances
    • Log all interactions with Generative AI and make them available for review, and maintain them for the life of the products deployed
    • Remember that smart machines can augment and supplement human talent, but not replace them.