In a world where artificial intelligence (AI) is increasingly being weaponised by cybercriminals, the question of whether we can effectively combat AI threats with more AI is not just a technical inquiry, but a pressing global concern, writes Lisa Strydom, Senior Manager Channels Africa at Veeam.

The rise of AI-generated cyberattacks, such as deepfake technology and automated hacking attempts, has created a cybersecurity arms race. Yet, ironically, it’s AI itself that might hold the key to turning the tide in this escalating battle.

As cybersecurity incidents continue to surge, the thousands of job vacancies that remain unfilled due to a shortage of qualified talent means that organisations are left vulnerable to attacks that exploit the very technological advancements designed to drive progress. 

If human talent cannot keep pace, AI must act as the force multiplier that bridges the gap, enhancing both threat detection and response capabilities. But is this reliance on AI enough, or are we overlooking critical aspects of cybersecurity that only human expertise can address?

The sheer scale and complexity of modern cyber threats demand automation, speed, and precision, all qualities that AI excels at. Traditional, human-centric cybersecurity models simply cannot cope with the volume of attacks we face today, while AI can process vast amounts of data, detect anomalies in real-time, like in the backup repository, and even pre-emptively thwart attacks before they inflict damage.

One of AI’s most significant contributions to cybersecurity is its ability to detect threats that are invisible to the human eye. For instance, AI models specifically designed to identify deepfake technology can pinpoint digital manipulations that evade human detection. By recognising these subtle manipulations, AI can help prevent misinformation campaigns and fraud on a scale that would be impossible for human analysts to manage alone.

From reactive defence to proactive strategy

The manual monitoring of network traffic and user behaviour is time-consuming and often reactive. AI, on the other hand, can perform real-time threat analysis, identifying patterns indicative of AI-driven attacks such as botnet activities or automated hacking attempts. This allows organisations to implement immediate countermeasures, reducing the risk of prolonged breaches. Automation doesn’t just make cybersecurity more efficient but transforms it from a reactive defence into a proactive strategy.

AI’s scalability is crucial in an era of global, borderless cyber threats. AI-driven systems can autonomously configure firewalls, diagnose vulnerabilities, and even apply software patches without human intervention. This dramatically reduces the window of opportunity for attackers to be successful with their tactics. 

Furthermore, AI-enabled security policies can adapt based on historical incident data, continuously evolving to protect against emerging threats.

Building collaborative AI defence networks

AI in cybersecurity should not be confined to isolated systems. Instead, the future lies in collaborative AI defence networks. These networks enable AI systems to share threat intelligence in real-time, ensuring that cybersecurity measures are always one step ahead of potential attacks. Such collaboration enhances the overall security ecosystem, creating a global network that learns and adapts from every attack, benefitting all connected organisations.

However, this interconnectedness also poses risks. Collaborative networks could become prime targets for attackers aiming to undermine global security efforts. Therefore, striking a balance between intelligence sharing and securing these networks is essential to the success of AI-powered protection.

The human element: Are we at risk of over-reliance?

While AI offers unprecedented advantages in cybersecurity, it is essential to question whether we are risking over-reliance. AI, by its nature, is a tool and is not infallible. If we depend solely on AI to combat AI-driven threats, we may overlook the importance of human intuition, creativity, and judgement. After all, AI systems are still vulnerable to manipulation, such as adversarial attacks where small, calculated inputs cause an AI model to make incorrect decisions.

The cybersecurity workforce must adapt, focusing on training professionals who can both build and supervise AI systems. We need experts who understand AI’s limitations and can step in when automated systems fail. Until we close the skills gap in the cybersecurity industry, AI will remain a critical ally, but it cannot stand alone.

The stakeholder perspective: Why AI is becoming a business imperative

For businesses, the integration of AI into cybersecurity is not just about staying ahead of threats, but about survival. Investors, customers, and employees all have a stake in the security measures a company adopts.

• Investors: AI minimises the risk of costly breaches, preserving not only financial investments but also the company’s reputation. A single cybersecurity failure can destroy years of investor confidence.

• Customers: Data Resilience is more critical than ever. AI-enabled encryption and anomaly detection ensure that customers’ private information remains safe, reinforcing trust in an organisation’s brand.

• Employees: With cyber threats becoming increasingly sophisticated, AI helps protect sensitive employee data while maintaining operational continuity, ensuring that businesses do not grind to a halt due to a cyber incident.

Fighting fire with fire

As Satya Nadella, CEO of Microsoft, aptly put it, “AI is a foundational tool in defending against today’s cyber threats. Without it, we are fighting a losing battle.” 

And while this may be true, it’s important to remember that AI is only as powerful as the people guiding its use. To truly protect against AI-driven threats, we need both technological innovation and human insight. By combining AI’s computational power with human expertise, we can build a cybersecurity framework that is resilient, adaptive, and future-ready.

In the end, fighting AI with more AI is not just a strategy - it’s a necessity. But it’s a necessity that must be tempered with caution, ensuring that the human element remains at the core of cybersecurity efforts. As we move forward in this new era of cyber warfare, one thing remains clear: AI may be the weapon, but human intelligence is the ultimate defence.