UK organizations that incorporated AI tools into their cybersecurity practices are twice as resistant to attacks as those that do not, according to new research investigating the impact of AI on security in the region.
The report from Goldsmiths University, in partnership with Microsoft, was based on surveys of more than 1,000 senior leaders across UK public and private sector organisations, including testimony from 200 senior security professionals.
Only 13% of UK businesses can be described as “resistant” to cybercrime, according to the report, which found that companies that implemented AI-enhanced defenses were able to reduce the costs associated with a successful attack by 20%.
The research estimated that greater use of AI in cybersecurity could save the UK economy £52 billion a year, up from the £87 billion that cyber attacks currently cost businesses. National companies.
Paul Kelly, director of Microsoft UK's Security Business Group, said the financial impact alone should be enough motivation for companies to “fight the fire” and integrate AI into their security strategies, as outlined. what threat actors are doing.
“Cybercriminals, some armed with the resources of a nation state, are 'equipping' themselves with AI to increase the sophistication and intensity of their attacks. “This research outlines 52 billion reasons for organizational leaders to ‘fight fire with fire,’” Kelly explained.
“The same AI technologies can help leaders better protect their organization and tip the scales in their favor. “AI has the potential to make your business and data more secure, but also, if a cyberattack were to occur, reduce the impact on your bottom line.”
UK 'AI superpower' goals hinge on security improvements
According to the report, the British government's ten-year plan for the UK to become a “global AI superpower”, announced in 2021, depends on organizations increasing their cyber resilience capabilities.
The report showed that business leaders in the UK recognize this fact, with 69% of decision makers recognizing that their organization will need to improve security capabilities to achieve the goal of international leadership in AI.
To accelerate this change, the report identified five opportunities for the UK to ensure its cyber resilience levels continue to move in the right direction, recognizing that an “AI superpower” must be a “cyber security superpower”.
The first opportunity is to continue to support the widespread adoption of AI in cybersecurity in a bid to inspire more creative approaches to using the technology to defend organizations.
Investment in AI needs to be prioritized and focused on buy-and-build configurations or off-the-shelf solutions, the report adds, and the UK must also invest in cultivating the talent to take advantage of these solutions.
The report put forward nationally incentivized skills programs, upskilling, work-based learning, as well as better public-private partnerships to help address the AI-related skills shortage.
Finally, the UK must continue to work with business leaders across sectors and establish simple, results-based guidance in line with international standards, to encourage the safe deployment of AI.
How AI is already driving cyber resilience
The findings from Goldsmiths and Microsoft demonstrated how AI-enhanced security tools are already having a material impact on the cyber readiness of organizations in the UK.
speaking to ITProFounder and CEO of rapid AI management platform AIPRM, Christoph Cemper, said AI has helped the company stay on top of a wave of DDoS attacks targeting its servers.
“Our traditional security measures, such as firewalls and monitoring systems, were simply not enough to effectively handle these sophisticated attacks. It was then that we decided to start using AI to increase our protection, specifically neural networks,” says Cemper.
“A major advantage of neural networks is their ability to analyze enormous amounts of data and detect patterns that would be almost impossible for humans to detect alone. For DDoS attacks, we trained these neural networks by showing them logs of our previous traffic patterns so they could learn to distinguish between real users and attackers.”
Cemper reported that the implementation was a success and allowed AIPRM security teams to spend more time developing a solid security strategy instead of having to constantly put out fires as they occur.
“Since implementing this AI-based solution, we have seen a large reduction in the impact of DDoS attacks on our systems. Neural networks continue to learn and adapt to become even better at detecting even the sneakiest DDoS techniques,” he explained.
“Automating these AI models has allowed our security team to focus more on proactive strategies rather than just constantly shutting down DDoS attacks manually.”