As a double-edged sword, the technology has two faces, and wielders need to use it while being also cognizant of risks

For example, business email compromise (BEC) attacks have been growing in frequency, and they can avoid multiple email security tools because they typically do not have payloads such as links or attachments.

Jennifer Cheng, Director of Cybersecurity Strategy (Asia Pacific & Japan), Proofpoint

Also, when considering new cybersecurity solutions that rely on AI and ML, the following questions need to be addressed:

  • Where does the product vendor get their data for training algorithms? Obtaining data for general-purpose AI applications is easy, but threat intelligence data is not as readily available. The training data used by the vendor should reflect not only real-world scenarios, but also threats that are specific to the organization and its employee.
  • What does the product use in the detection stack to supplement AI/ML? Intelligent technology is not as efficient, effective, or reliable for some types of threats. It is crucial for a security solution to integrate other techniques, such as rules and signatures, or a “human-in-the-loop” model to leverage IT teams’ expertise without giving up the speed and self-learning benefits of AI in the production environment.
  • Is generative AI is optimal for your organization’s specific challenges? AI models are complex and computationally intensive, and may take longer to execute than less complicated functionalities. Sometimes rules-based techniques may be more effective, especially when fast response is critical. It is therefore necessary to understanding the security objective of your organization and what path is best for solving the problem.