Search
Close this search box.
Search
Close this search box.

how gen ai influencES global cyber threats

Welcome back to Echo360’s EchoInsights limited series on artificial intelligence (AI)-driven cybersecurity risks and defenses! In this second of three blogs on the topic, we’ll be covering how Generative AI (GenAI) has been applied across three key components of cyber defenses and attacks, increasing their impact and accelerating their deployment. We’ll then turn to the varied security considerations you need to make when evaluating Cloud and mobile applications, including how GenAI has been used to exploit or fortify defenses for those types of apps. To conclude, we’ll entertain the question of how far off is a future with Transformative AI, and what implications that might have for the cyber threat landscape.  

IT expert analyzing data on a laptop while standing next to stacks of data servers.

Applications of GenAI for Cyber Defenses and Attacks

Understanding how Generative AI (GenAI) can be misused in cyberattacks and malware applications is crucial for developing effective defenses, so let’s start with the basics of how GenAI can potentially be used to exploit three key elements of any general network security architecture, along with preventative measures: 

 

1. Governance, Risk, and Compliance 

The establishment of a cybersecurity governance framework before or during the development of the network security architecture starts with planning for regular risk assessments and management, as well as adherence to industry standards and best practices like those detailed by the National Institute of Standards and Technology (NIST) or the International Organization for Standardization (ISO/IEC 27001). GenAI is already being used to optimize frontline regulatory compliance, with capabilities like automated, real-time monitoring of online activity to detect potential anomalies faster and more accurately than a human might. That said, any GenAI application has its own set of risks, which can be more effectively managed when there’s always a human in the loop.  

2. Endpoint Protection 

Making sure all the devices connected to your organization’s network are protected from cyberattacks is more important than ever in a cyber threat landscape where phishing campaigns are a primary way compromises in security happen, and they are only becoming more sophisticated and even automated with the use of jailbroken Large Language Models (LLMs). Deployment of antivirus and anti-malware solutions, regular or AI-automated patch management and updates, and the use of Endpoint Detection and Response (EDR) tools, including those that leverage AI for predictive threat detection, are all effective strategies for maintaining secure endpoint devices.  

 

3. Network Security Monitoring 

Like with the previous two key elements to any network security architecture, GenAI is similarly being used to automate network security monitoring. Because AI tool can continuously monitor network and systems traffic, as well as transactions in progress, it has become a powerful tool for many sectors to improve intrusion detection and prevention systems. That said, AI can also be used by malicious actors to flood monitoring systems with false positives or other alerts, potentially overwhelming security teams and disrupting services. Having an equally powerful tool to combat an AI-automated flood of spam, intentionally trying to crash a website or curb operations has created a strong demand for similar, defensive systems and workflow integrations like those by IMB 

Security Considerations for Cloud and Mobile Applications —

Now that we have an idea of how GenAI is being used to innovate cybersecurity and attacks across three key general network security elements, we’ll look at how those elements and their related security considerations vary across cloud and mobile applications. First, let’s identify two key reasons why you might assume the added cyber risk of Cloud-based apps by looking at their benefits. 

 

Number one is scalability and flexibility of security measures. Apps connected to the clouds benefit from the resources of the large organizations that build and maintain the servers they are stored on, allowing for more dynamic and automated security measures. Second is centralization of security administration. Cloud environments often centralize identity and access management (IAM), automated monitoring, and data protection protocols, enabling more cohesive and integrated security strategies.  

Cloud and Mobile Security Considerations — 

Cloud and mobile apps rely on massive physical infrastructures managed and protected by major service providers like Amazon Web Services (AWS) and Microsoft’s Azure Cloud Services, which contract out space in their servers and security protocols as a service. Crucial to Cloud infrastructure are huge data storage centers that have a massive environmental footprint with how much energy they consume to keep the servers inside refrigerated and powered. Satellite constellations that facilitate the wireless transmission of encrypted data are another key component of this infrastructure. With this context in mind, let’s turn to how GenAI can be used to exploit or defend three key elements of any Cloud and mobile security architecture: 

1. Application Security During Development  

GenAI can be deployed at each stage of a Cloud application’s development to either strengthen or compromise it. Developers of Cloud-based applications need to ensure they are taking every security precaution at each step of development to ensure later fidelity of the app in a live environment, where it’s tested against real cyberattacks. One way AI is being used to accelerate the improvement of Cloud app security is in how it can automate continuous integration (CI) and continuous deployment (CD) pipelines, which adds tremendous value to an organization’s higher risk mobile cybersecurity infrastructure. This frees up developers to evaluate the automated patches and spend their time performing other business-critical work.  

 

2. Data Protection and Privacy 

The automatic encryption of data at rest and in transit, having robust data loss prevention (DLP) protocols, and compliance with Cloud provider policies by the parent company of the Cloud-based app are essential tactics to protect data and user privacy. GenAI can enhance data protection by accelerating the identification of and triage of data leaks and potential risks. Enforced automatic encryption for data at rest and in transit on mobile devices is a sure strategy to optimize risk mitigation. Another mitigation strategy to DLP, especially for mobile users, is to extend those policies to mobile devices to monitor and control the movement of sensitive data even when users are traveling.  

3. Operations Continuity and Disaster Recovery 

Given we live in a world with a rapidly changing climate, where one in 100 year disasters seem to happen every quarter, being prepared and having a backup plan if you lose access to operations-critical services or applications just makes sense. Conducting a thorough ecological and human risk review to evaluate what dependencies your organization has to physical infrastructures that might be compromised by natural or other disasters is a difficult but essential first step. To improve the quality of these risk reviews, GenAI can create more accurate climate forecasts for more granular assessments that could identify which dependencies are the greatest potential risks, such as facilities located near frequent disaster zones or physical assets in an area at high risk of near-future sea-level rise. 

Flooded on server room

Final Thoughts and Future Directions

With an ever-growing number of applications for GenAI to innovate the cybersecurity and threat landscapes, in beneficial and harmful ways, it’s almost hard to imagine a future where transformative AI, with intelligence equal to that of a human, becomes a new factor to contend with. Some experts estimate that such a technology could be available by the middle of the century, with others guessing transformative AI could have a 50 percent chance of showing up by 2033. The consequences of developing transformative AI for not just the cyber threat landscape but all of industrialized society could be as tremendous as those that came from the Industrial Revolution. Certainly, if current regulatory efforts (the focus of the third and final blog in this limited series) it will continue to push organizations to adopt the technology for fear of getting left behind and having to contend with cyberattacks of new kinds that they have no means of combatting.  

Echo360 proudly partners with government and military organizations to deliver secure, accessible training solutions for all needs.

ExploreEchoPOLL.

Learn more about what it can do for your organization

Leading educational institutions are inspiring learning with Echo360.

Related Resources

Customer testimonials, pedagogical articles about teaching and learning, and new product updates and features.

k-12 educational software blog image

K-12 Educational Software That Goes Above and Beyond

K-12 Educational Software That Goes Above and Beyond As a K-12 educator, you deserve more than to deliver a simple video lesson. You should have a solution that actively engages ...
aligning learning and transformation business goals

Aligning Learning and Transformation with Business Goals: Your Practical Guide to Strategic Success

Aligning Learning and Transformation with Business Goals: Your Practical Guide to Strategic Success If you want your Learning & Development (L&D) efforts to drive real business transformation, aligning learning initiatives ...
echoexam release notes blog

How EchoExam Continues to Speed Test Creation and Deliver Trusted Exams to Learners

How EchoExam Continues to Speed Test Creation and Deliver Trusted Exams to Learners Echo360 is committed to making both teaching and learning more impactful through the Echosystem™, the world’s first ...