Skip to main content
Arrow Electronics, Inc.
interior, train station

AI and security — What’s the tradeoff?

October 24, 2023 | Kristin D. Russell

Balancing the risks and potential promise of AI

It is not surprising that AI is permeating all aspects of modern business, including IT — and security is not immune. AI’s role in fortifying software and systems has become a prime focus for enterprises. Simultaneously, bad actors are investing in AI to expand the scale and scope of attacks. Modern AI examples have led experts to speculate that AI itself will be a threat for enterprises as it can be manipulated to suit unauthorized purposes.

Traditionally, the vulnerabilities that appear in cybersecurity are often attributed to issues within system architecture. AI introduces novel vulnerabilities due to its complex data models and interdependencies. This dual nature of AI brings forth a unique challenge for enterprise security. Imagine a scenario where an AI system defending infrastructure faces off against another AI system designed solely to corrupt its defensive counterpart.

The promise of AI

AI practices have existed for many years at some of the largest technology vendors. Promises to reduce costs, solve problems, increase profits and more are within reach. These advantages accrue mostly from AI’s ability to automate tasks that previously required specialized human labor and expertise. Further, the ability to detect the smallest deviations and anomalies quickly and accurately — and minimize or eliminate business losses or maximize profits — is key. These advantages can help a business leapfrog its competitors.

This is not different for cybersecurity. Promises that AI can better protect our IT assets and intellectual property have teased us for years now. We are seeing many cybersecurity vendors planning or implementing pieces of this today:

  • AI can build complex configurations by asking questions about a business
  • AI mines data repositories to answer questions from users
  • AI finds mutations in real time and can remediate infected systems

With a shortage of cybersecurity talent available, AI is beginning to close that gap and provide the much-needed checks and balances promised for years.     

Be mindful of the risks

AI’s shadowy potential is cause for concern. As AI advances, it will enable far more bad actors to carry out attacks. These new threats could reshape the security landscape with AI opening fresh avenues for cyber assaults. These attacks, unburdened by human limitations, loom as an ominous threat, capable of limitless simultaneous events. A few examples underscore this emerging danger:

  • AI capabilities, like pattern recognition and natural language processing, can be used to deceive and impersonate humans. Even close team members are fooled by recent tests.
  • AI used to analyze human behaviors, moods, profiles and tendencies can give new ammunition for potential hackers to compromise security systems, direct ransomware attacks, sway public opinion and much more.

Redefine your defense strategy

Enterprises considering AI in their products, their corporate security or for any number of other purposes must consider the possibility that the AI itself could be manipulated using poisoned datasets to alter the originally desired AI behaviors.

The rise of AI-driven threats marks a pivotal moment in cyber and physical security. Progress brings vulnerabilities, and innovation carries risk. Enterprises must adapt, redefining defenses and strategies to navigate this evolving landscape. Vigilance is paramount in the face of AI’s dual nature.  

While much work is pending on standards setting, governance and ethics surrounding the appropriate use of AI, experts suggest creating an AI compliance framework similar to the Payment Card Industry Data Security Standard (PCI-DSS).

Until a compliance framework emerges, AI implementations should utilize a best practice-based approach:

  • Examine the entire product/AI system lifecycle for vulnerabilities and opportunities  
  • Assess the security, availability and access to the data used to train AI algorithms
  • Determine the true ROI of AI in products and systems
  • Identify an AI threat mitigation plan and adding recovery and action planning to the enterprise security plan

Arrow Electronics enables IT solution and service providers to understand, execute and monetize security across your entire practice. Explore our website or connect with an Arrow representative to learn more about our security products, solutions and capabilities.

Become a channel partner
Become a Partner