Gitex 2024: UAE businesses need to take AI-based cyberattacks seriously
"There's a steady increase in cyberattacks, including ones leveraging AI techniques': GBM
Dubai: It’s not enough for businesses and organizations to invest substantially on AI processes in their operations.
They have to simultaneously raise their spending on cybersecurity measures to take on threats that could come in through AI. And such future threats could be more difficult to detect and come up with solutions to patch up enterprise level security.
These are the stark choices that organizations have to factor in.
“The challenge (for organizations) is not just technical,” said Bassam Rached, General Manager – Technology at Gulf Business Machines (GBM).
“It requires a nuanced understanding of AI’s dual nature as both a competitive advantage and a risk. We are seeing investments in AI-specific cybersecurity measures still developing for several reasons.
“Firstly, the complexity of AI-powered attacks makes them highly sophisticated, necessitating specialized tools and expertise.
“Secondly, the threat landscape is constantly evolving, which means organizations often take time to adapt their security measures to counter new threats. Cost also plays a significant role, as implementing robust AI-specific cybersecurity measures can be expensive, particularly for smaller organizations.”
Plus, there is the lack of awareness about what comes along with AI implementation. Because there are businesses that realise some form of AI will play a major role in their operations at some point, but they are unsure about how to go about integrating it.
Other businesses seem to be veering towards investing in AI – and on cybersecurity measures against AI borne threats – further down the line. When there are more vendors offering solutions and, hopefully, at more manageable cost of implementation.
Early starters on AI
Other businesses are doing both – investing in AI and on security – right now. “While still in its early stages, we see growing investment in cybersecurity measures specific to AI threats,” said Rached.
“Vendors and enterprises are recognizing the need to address the unique challenges posed by AI-powered attacks. This includes developing specialized tools, training staff, and implementing new security protocols.”
Other cybersecurity specialists echo the same point – about the need to bring fresh thinking into their AI specific operations. Because what’s worked before as cybersecurity protocols and measures may not be as effective when dealing with AI risks.
Data protection
A report from GBM found that nearly half of surveyed organizations ‘struggle’ to incorporate robust data privacy protections into AI systems. And 35% report difficulties in navigating global data protection regulations.
This was based on responses from 500 IT professionals specializing in cyber security. They cited their main concerns as:
- Data privacy: For 31% of respondents, data privacy tops the list of concerns, while 27% emphasize regulatory and compliance challenges.
- Ethical and security concerns: Ethical issues, such as AI bias, are front of mind for 25% of businesses, while security vulnerabilities rank as a critical issue for 17%.
- AI leadership gaps: Despite the rising prominence of AI, 45% of organizations report they lack a ‘Chief AI Officer’, indicating a leadership gap in overseeing AI initiatives.
Those gaps will need some speedy resolutions.
“Looking at the nature of breaches in the Middle East region year to date, it is quite varied,” said Rached.
“There has been a steady increase in cyberattacks, including those leveraging AI-powered techniques. “These often involve sophisticated phishing, malware, DDOS, and ransomware attacks, which can be effectively automated, leading to a massive boost in their volume and sophistication.
“It's important to note that the specific nature of these attacks can change rapidly, making it difficult to pinpoint a single trend.”
That’s what enterprises are up against, and there is no way they can afford to go easy on the investment side of security.