Artificial intelligence (AI) is being used more and more by cybercriminals to craft convincing and challenging-to-detect attacks. Companies must therefore maintain their lead with more intelligent defenses and a well-defined, flexible strategy. According to a number of experts, including Aaron Chiew, Head of Digital Channels for DBS’ Institutional Banking Group, businesses must now implement strong and astute defenses to prevent scams.
When it comes to cybersecurity, AI’s quick evolution presents both challenges and opportunities. Despite its potential for ease of use and benefits, generative artificial intelligence (Gen AI) is increasingly being abused through deception and manipulation, such as deepfaking a person’s or organization’s identity, voice, or face in order to obtain money. For instance, according to Gartner1, Gen AI will be used in 17% of all cyberattacks by 2027. It is anticipated that this number will increase rapidly.
The scope and complexity of AI-driven threats are still highlighted by high-profile catastrophes, but the same technology also gives businesses strong, proactive solutions to protect their vital infrastructure and keep one step ahead of attackers. It can identify anomalous and potentially dangerous activities far more quickly than a human could, for instance, by identifying patterns to detect network intrusions or identifying new viruses and other dangers.
As a result, AI’s contribution to cybersecurity has changed from being a technological problem to becoming a crucial business necessity.
Although AI offers many advantages, these advantages are also increasing cyberthreats in three main ways:
- Accelerated processing times – AI can process vast datasets very quickly, enabling scammers and fraudsters to identify exploitable patterns and design new scam tactics with unprecedented efficiency.
- The prevalence and believability of deepfakes – a case in point was in Hong Kong, where deepfake technology was used to impersonate company executives on a video call, successfully convincing an accounts clerk to transfer $25 million to fraudsters.
- Rapid creation of deceptive or manipulative information in the form of scam content – including automating scam calls, generating realistic looking fake ads, and creating websites that mimic legitimate businesses to trick people into providing sensitive information or making unauthorised payments.
Beyond the evident financial damages, such threats have far-reaching effects. The loss of trust with clients and within the organization is one of the most detrimental.
Employees might begin to doubt the legitimacy of calls they receive, for instance, wondering if they are actually speaking to the person they think they are. More procedures and verification stages to validate the authenticity of messages may result from this increasing ambiguity.
The office door is not where the harm ends. Once a cybersecurity problem is made public, it may take a while to win back clients’ trust.
Protections against cyberthreats from AI:
With the threat posed by AI in the forefront of their minds, businesses are not standing still in this new era. For instance, according to 66% of organizations, AI will have the biggest influence on cybersecurity in the upcoming year.
As a result, numerous industry sectors have seen a sharp increase in investment in cybersecurity protection solutions. For instance, Gartner predicted in August 2024 that end-user expenditure on information security would reach $212 billion globally this year, a 15% increase.
Stanbic Bank’s Remarkable Support For Entrepreneurship For Young Students
At the same time, businesses are examining their procedures and enforcing more stringent communication guidelines about the use of AI tools as a cutting-edge method of promptly identifying and reacting to threats.
Stricter rules for social media use, more precise data protection regulations for data collecting and storage, and frequent penetration tests of infrastructure and systems are all being prompted by this.
Startups should begin with the fundamentals:
- Verify all requests carefully
Always double-check the credibility of requests received by email – especially those involving sensitive financial changes. For instance, if an employee requests a payroll update or a supplier emails to change bank details, confirm the request by calling back using a verified number on record.
- Audit your internal processes
Regularly review internal workflows to identify weak points that could be exploited through human error or fraud. Even small procedural gaps can open the door to cyber threats.
For bigger companies, the key is to strengthen and have stress-test:
- Engage cybersecurity professionals or specialist agencies to conduct penetration testing and simulate attacks. This helps uncover vulnerabilities in systems, processes, or infrastructure before attackers do.
- Periodically review your infrastructure and security protocols to stay ahead of evolving threats. As Chiew warns: “It only takes a single loophole or gap – and for scammers, finding and exploiting these gaps is a full-time job.”
