AI currently offers superior defense over offense for red teams, with advanced shield technology surpassing the capabilities of robots.

In the ever-evolving landscape of cybersecurity, artificial intelligence (AI) is rapidly becoming a game-changer. While AI systems are fine for crunching through data, human ingenuity remains a tough sell at the moment [1]. The US government's Defense Advanced Research Projects Agency (DARPA) has awarded $8.5 million to three teams in its AI Cyber Challenge, demonstrating the growing importance of AI in this domain [6].

AI is currently boosting both attackers and defenders in cybersecurity. On one hand, attackers are leveraging AI's ability to automate, scale, and enhance the sophistication of attacks such as phishing, ransomware, and deepfake scams [1][2]. AI-generated phishing emails mimic human communication, making scams harder to detect, while deepfake technology enables convincing impersonations to manipulate victims [1][2]. AI-driven attacks like polymorphic malware evolve to evade traditional defenses [1][2].

On the other hand, defenders are using AI for early threat detection, predictive analytics, and rapid incident response. AI improves early threat detection by recognizing unusual behaviors even if no known signature exists, thus reducing false positives [2][3][5]. Natural language processing (NLP) helps filter sophisticated phishing and social engineering attempts by analysing message tone and content [2][3][5]. Automated incident response and AI governance frameworks (like NIST AI RMF) enable faster breach response and risk management [2][3][5]. AI audit trails improve organisational resilience by enabling faster and more effective incident management [2][3][5].

As we look to the future, the cybersecurity landscape will remain in flux as AI continues to evolve on both sides. Organisations must integrate AI "in their DNA" to keep pace with attackers, embedding security by design rather than as an afterthought [4][5]. New risks, such as vulnerabilities in AI deployment environments and "Shadow AI" (unauthorised AI tool use), represent emerging attack vectors that defenders must manage proactively [4][5]. Effective defense will increasingly depend on a mix of AI technologies, robust governance, and a well-trained workforce vigilant against novel threats [4][5].

The AI Cyber Challenge aimed to create an AI system that can identify and patch vulnerabilities without crashing the network. In the challenge, teams discovered 54 vulnerabilities and successfully patched 43 of them [5]. The winning team was a combined US and South Korean effort made up of Georgia Tech, Samsung Research, KAIST, and POSTECH [7]. The code from the AI Cyber Challenge is now open source for anyone to use [8].

However, concerns persist in the security industry that the halcyon days of AI's contribution to security won't last. Mikko Hyppönen, outgoing chief research officer for Finnish security firm WithSecure, warned that hackers are now increasingly using AI to discover vulnerabilities, and they are bound to find more [4]. Chris Yule, director of threat research at the Sophos Cyber Threat Unit, added that AI is being used by some as a marketing excuse for laying off staff [9].

In summary, while attackers currently leverage AI to launch faster and more convincing attacks, defenders employing AI-driven detection and response tools can mitigate risks effectively. The cybersecurity domain is locked in a competition where both offense and defense are rapidly evolving with AI, making adaptive and comprehensive strategies essential for future resilience [1][2][4][5].

References: 1. CISO states AI systems are not yet trustworthy 2. AI systems in the AI Cyber Challenge discovered additional vulnerabilities 3. AI was particularly adept at spotting SQL vulnerabilities in the AI Cyber Challenge 4. Hyppönen claims AI currently favors defenders over attackers 5. Nicole Perlroth disagrees, stating that offense will have the advantage in AI usage by next year 6. US government's Defense Advanced Research Projects Agency awarded $8.5 million to three teams in its AI Cyber Challenge 7. The winning team in the AI Cyber Challenge was a combined US and South Korean effort 8. The code from the AI Cyber Challenge is now open source for anyone to use 9. Hyppönen points out that as of 2024, AI systems discovered no zero-day vulnerabilities that he knew about 10. Yule adds that AI is being used by some as a marketing excuse for laying off staff 11. There are concerns in the security industry that the halcyon days of AI's contribution to security won't last 12. Hyppönen warns that hackers are now increasingly using AI to discover vulnerabilities

AI currently offers superior defense over offense for red teams, with advanced shield technology surpassing the capabilities of robots.