Technology5-minute read

Ask a Cybersecurity Engineer: Trending Questions About AI in Cybersecurity

In this ask-me-anything-style Q&A, leading Toptal cybersecurity expert Ilia Tivin responds to colleagues’ questions on AI in cybersecurity and provides data and network protection tips and best practices.


Toptalauthors are vetted experts in their fields and write on topics in which they have demonstrated experience. All of our content is peer reviewed and validated by Toptal experts in the same field.

In this ask-me-anything-style Q&A, leading Toptal cybersecurity expert Ilia Tivin responds to colleagues’ questions on AI in cybersecurity and provides data and network protection tips and best practices.


Toptalauthors are vetted experts in their fields and write on topics in which they have demonstrated experience. All of our content is peer reviewed and validated by Toptal experts in the same field.
Ilia Tivin
Verified Expert in Engineering
20 Years of Experience

Ilia is a cybersecurity professional and developer with wide-ranging experience in the government, defense, manufacturing, and finance sectors. A former cloud security architect at Hewlett Packard Enterprise, he now advises executive clients on planning, prioritizing, and executing strategic security initiatives.

Previous Role

Senior Security Consultant

Previously At

Hewlett Packard EnterpriseCisco
Share

Having worked in a variety of cybersecurity roles for large companies and startups for two decades, Toptal cybersecurity advisor Ilia Tivin has a deep understanding of the field—past, present, and future. This Q&A is a summary of a recent ask-me-anything-style Slack forum in which Tivin fielded questions about artificial intelligence (AI) in cybersecurity from other Toptal engineers and security professionals around the world.

Editor’s note: Some questions and answers have been edited for clarity and brevity.

Current and Future Uses of AI in Cybersecurity

Do you think modern cybersecurity requires AI solutions?

—K.S., Montreal, Canada

Yes, I do think AI will be required in the future. To be frank, AI’s capacity for creating exploits is fairly weak today. But that is going to escalate over time—and so should our defenses.

Did you ever encounter a business case in which AI was used to find security breaches?

—J.O., Fortaleza, Brazil

The answer depends on how you define a security breach. AI that is properly programmed to search and sift through code can definitely be used to identify vulnerabilities. You can also have AI generate very persuasive phishing emails that incorporate specific details relating to your organization. I haven’t yet seen anything outside of phishing emails, but that doesn’t mean it hasn’t happened.

What are the downsides of AI in cybersecurity?

—K.B., Bergerac, France

The downsides of AI in cybersecurity are the same as the downsides of AI in every other field. When we apply AI, we delegate a layer of decision-making to a robot. But sometimes we cannot fully understand how the robot arrives at its decisions. If AI decides wrongly about security automations, checks, or compliance, for example, it can lead to significant regulatory fines, security compromises, or loss of intellectual property.

What new cybersecurity risks might modern AI (e.g., generative AI) create?

—R.L., Lake Oswego, United States

A risk that comes to mind is overreliance on AI, even when it benefits from the latest developments. As developers move to use AI to code, as well as to check their code using that same AI, they may inadvertently introduce security vulnerabilities to the code.

How might AI improve cybersecurity in the future?

—N.H., Tuzla, Bosnia and Herzegovina

First, AI will hopefully stop supplying wrong information and errors. I see a move toward more automation worldwide. I also predict the enhancement of inspection methods, contingent on the countries and jurisdictions in which the various AI companies operate. Inspection enhancement is less likely to be implemented in Europe, due to its strong regulatory frameworks.

Implementing AI in Cybersecurity

Upsides
Downsides
  • Speedy identification of threat indicators: AI quickly identifies anomalies or irregularities that may indicate a cyberthreat. AI’s quick response is crucial in mitigating the impact of cyberattacks.
  • Capacity for learning: AI can learn from examining patterns and trends, as well as past cybersecurity incidents. Over time, AI becomes better at threat detection, response, and prevention.
  • Efficiency and automation: AI can automate routine tasks and reduce the burden on cybersecurity professionals.
  • Scalability: AI is able to adapt to a growing network and increased data traffic without being overwhelmed.
  • Personalized security protocols: By creating personalized security protocols based on user behavior or network activity, AI can be more effective in preventing threats compared to one-size-fits-all solutions.
  • Security compromises: We may not always understand how AI reaches its decisions. If we act based on a wrong decision derived from AI, we can experience security compromises, loss of intellectual property, or the accrual of regulatory fines.
  • Overreliance on AI: Excessive dependence on AI can lead to complacency and a false sense of security, ultimately introducing new vulnerabilities. Attackers can exploit AI blind spots, and AI's lack of context can result in false alerts.
  • Risk of exploitation: As AI advances, there’s a risk that it could be exploited by cybercriminals for sophisticated attacks.
  • Significant investment: Implementation and maintenance of AI systems require careful planning and expertise.


AI in Cybersecurity Examples

Do you use any AI cybersecurity tools and, if so, which ones would you recommend?

—M.D., Seattle, United States

To complement the protection afforded by clients’ standard security products, I use the AironWorks phishing simulation platform, where customized phishing simulations are generated for organizations to check the preparedness and security awareness of their employees. But currently, from a testing perspective, I don’t think that AI is well positioned to be of much help in cybersecurity. Sure, all the big companies claim to have adopted AI for cybersecurity in their product offerings, but the extent to which it is usable varies.

Can you suggest a fun website where security hobbyists can play around with and discover different topics of offensive or defensive security?

—J.O., Fortaleza, Brazil

I, for one, am a big fan of personal security. From a defensive perspective, I always recommend the Personal Security Checklist, a GitHub list of 300-plus tips for protecting digital security and privacy. You can use TryHackMe as a way to get started in security, or even compete in some of its online challenges. VulnHub is awesome even if it’s not regularly updated. Challenges at Splunk—which appears ready for a refresh—come to mind. From an offensive perspective, bWAPP is a good Docker container that allows you to try to exploit a web application for yourself. And there’s also Hack The Box, which includes both defensive and offensive elements.

Tools to practice defensive security include Personal Security Checklist, TryHackMe, VulnHub, and Splunk. For offensive security practice, there’s bWAPP. Hack the Box allows for both.
Tools for Practicing Defensive and Offensive Security

I hear conflicting perspectives regarding Mac security: Some say that Mac is already secure, while others feel that you can’t be too careful. What’s your opinion?

—M.Z., Santa Clarita, United States

Well, there are significantly fewer Mac users than PC users, which can explain why a majority of cyberattacks are aimed at PCs. However, on average, Mac users spend far more money on their computers than PC users do—so you can see how Mac also makes for a favored target. Judging by the many OS security fixes released lately, it looks to me—and also to Wired, which published an article on this topic—as if Apple agrees that increased Mac targeting is a real possibility.

Would you recommend enhancing security on Mac computers with antivirus tools like Avast, or are these a waste of money?

—M.Z., Santa Clarita, United States

You can always go free with ClamAV in combination with keeping your software updated. Also, Microsoft Defender is now available for Mac.

The editorial team of the Toptal Engineering Blog extends its gratitude to Marco Jardim for reviewing the technical content presented in this article.

Understanding the basics

  • What is the role of artificial intelligence in enhancing cybersecurity?

    AI’s role in enhancing cybersecurity can relieve cybersecurity personnel of repetitive and mundane tasks, accelerating the response times to threats.

  • Accuracy is a concern as code written by AI that is not fully inspected can lead to improper and insecure coding practices that can, in turn, lead to vulnerabilities and functionality issues.

  • The biggest challenge in the field is a lack of understanding about the business enablement function of cybersecurity teams. The benefits achieved via cybersecurity help businesses thrive and protect their customers by ensuring the confidentiality, integrity, and availability of information.

Hire a Toptal expert on this topic.
Hire Now
Ilia Tivin

Ilia Tivin

Verified Expert in Engineering
20 Years of Experience

Singapore, Singapore

Member since November 8, 2022

About the author

Ilia is a cybersecurity professional and developer with wide-ranging experience in the government, defense, manufacturing, and finance sectors. A former cloud security architect at Hewlett Packard Enterprise, he now advises executive clients on planning, prioritizing, and executing strategic security initiatives.

authors are vetted experts in their fields and write on topics in which they have demonstrated experience. All of our content is peer reviewed and validated by Toptal experts in the same field.

Previous Role

Senior Security Consultant

PREVIOUSLY AT

Hewlett Packard EnterpriseCisco

World-class articles, delivered weekly.

By entering your email, you are agreeing to our privacy policy.

World-class articles, delivered weekly.

By entering your email, you are agreeing to our privacy policy.

Join the Toptal® community.