The positive possibilities of AI in cybersecurity

Like many, I’m super excited about the potential of AI and gen AI for fundamental change in the cybersecurity space. Possibilities include bolstering detection, response, and mitigation activities. Research findings from cyber-resilient CEOs indicate automated threat detection, cyberattack simulation scenarios, and manual security task augmentation as their key uses of gen AI for cyber defense. Adoption of AI technologies will only continue to accelerate.???

The use of AI today?

I like the progress already made in using AI to automate activities, in particular, routine activities. Within our Information Security organization, we are automating the generation of incident reports, for example, and using AI to evaluate trends across incident responses. It’s a perfect use of AI and saves our security analysts tons of time and makes them more efficient in understanding attacks.??

In addition, we’re actively involved with Accenture’s data and AI innovation centers around the globe, including a Center for Advanced AI. Our people are regularly updating guidelines for secure AI for our own operations as well as for Accenture teams developing applications that use AI, helping confirm solutions being created are responsible, secure, safe, and protect Accenture and our client’s information.??

A virtual assistant we developed offers Accenture people and teams easy access and use of commonly asked questions and responses for inquiries about Accenture’s information security posture and practices. We are also developing a security chat help desk to help people in resolving security hygiene issues.?

In another instance, our Accenture Security Research and Development (Cyber Labs) team using its security mesh technology (a “hybrid AI” technology that combines knowledge graphs, machine learning, and large language models to perform cyber security analyses - we call it SMESH) is working to apply AI to analyze historical security exceptions data to provide some automation around these exceptions.??

The potential of gen AI?

Gen AI shows promise in helping to demystify the complexity of technology, security standards, and other structured formats that Accenture has in place to deliver our code. We anticipate it will help do things faster.?

Other areas in cybersecurity where we’re exploring the use of gen AI:?

• Executing AI-directed web application tests?

• Building capabilities to help our security operations center analysts do their jobs better and faster.??

• Testing our SMESH Security Advisor, a generic Q&A based on knowledge domains, to be integrated with Microsoft Security Copilot.??

• Testing a large language model that informs a user on what is happening with a hash or code snippet. Attackers often obfuscate their code and gen AI is good at de-obfuscating it.??

Responsible use?

As enterprises adopt AI, they bear an increasing responsibility to manage potential ethical implications of AI decisions that directly impact people’s lives. AI needs to be used appropriately and responsibly. Responsible AI means taking intentional actions to design, deploy, and use AI to create value and build trust by protecting from the potential risks of AI. Responsible AI begins with a set of AI governing principles that an organization adopts and then enforces.??

In my next article, I will share my thoughts on the flip side of AI and gen AI—the risks and steps organizations can take to develop their defenses as well as some solutions I’d like to see product vendors develop.?

What AI possibilities is your organization pursuing? I’d love to hear about it. Let’s share what we know to secure what we must.?