The Tech Edge: Fighting Fire with Fire with AI and Cybersecurity
For many years now, we’ve been told (and have been telling ourselves) that information is the new gold, or the new currency, and I’ve been all in on this message. However, I recently spoke to Anthony Woodward, CEO of Logicalis Australia, on an episode of The Tech Edge and he made a comment that completely changed my thinking on this, especially when it comes to cybersecurity.
We know that one of the most pressing issues facing organizations today is cybersecurity and how AI is changing the game — for attackers and defenders alike. We’ve seen large-scale data breaches with organizations like MediSecure, an Australian health organization that holds sensitive medical information and dispenses e-prescriptions. This security breach was so severe that it affected almost half of the Australian population, and the ramifications were wide-ranging that MediSecure had to seek government assistance.
The incident only reinforces the potential impact of cyberattacks that go beyond privacy concerns and financial implications. Targeting a healthcare sector that provides essential and time-sensitive services in which downtime can cause operational disruption is a stark reminder that no organization is immune. Organizations cannot afford to ignore this rising challenge. If you’re thinking, “That won’t happen to us,” I’m afraid you’re mistaken. It’s not a case of ‘if’ but ‘when.’
How AI Is Changing the Cybersecurity Landscape
What fascinated me most during our discussion was how AI is being leveraged in cybersecurity defense. While we often think of AI in terms of content generation and productivity tools like ChatGPT, Microsoft 365 Copilot, and others, its applications in security are far more sophisticated. Anthony shares, “It can deal with a huge volume of data very quickly and find patterns. One of the data streams that it’s actually very good at is video.”
AI offers powerful tools for detecting and responding to cyberthreats more effectively, such as:
- Pattern recognition: AI excels at analyzing vast amounts of data to identify potential vulnerabilities and attack vectors before they’re exploited. It can process data at scale, quickly identifying trends that might indicate emerging threats.
- Rapid response: AI can develop defenses against new threats through predictive analysis. If done manually, this proactive approach would be incredibly difficult, if not impossible, to accomplish, given the sheer volume of data that requires analysis.
- Video analysis: Rather than having staff watch hours of security feeds, AI can identify anomalies, potential security risks, or unexpected events — like a spill in aisle seven that needs immediate attention or unusual access patterns to secure areas.
And yes, similar large language models (LLMs) have their place in cybersecurity operations. They can help security professionals query massive information without building complex database queries. Imagine being able to simply ask, “What security trends have we seen with this particular customer over the last three months?” and getting an instantaneous, comprehensive response. That’s the power AI brings to security teams.
Data: Uranium Versus Gold Analogy
One comment Anthony made stopped me in my tracks: he compared data to uranium rather than gold. He explains, “You should keep as little of it as you need to do the job and, as quickly as you can, dispose of that information when you don't need it anymore." This analogy perfectly captures the paradigm shift that organizations need to make.
We know that data is the new gold — valuable, worth hoarding, and something to be mined for insights. But Anthony suggests we should instead view data more like uranium: powerful but potentially dangerous, requiring careful handling, and something you only want to keep in the amounts you absolutely need.
The organizations most vulnerable to attacks are often those that hold years of accumulated data about people who may no longer be customers. Every piece of data you store is a potential target, so we should ask ourselves: “What data do I need to gather to do my job, how long should I keep it, and what do I do with it after that?”
This perspective is a game-changer, shifting our focus from data collection to responsible data minimization.
The Dangers: Bias and Hallucinations
Of course, AI isn’t a perfect solution. Anthony highlighted two significant concerns we need to be mindful of:
- AI models can inherit the biases present in their training data. In a security context, this could lead to false alerts based on irrelevant factors like a person’s physical appearance rather than their actual behavior.
- AI can “hallucinate” and confidently present information that’s completely fabricated. What makes this particularly dangerous is that these hallucinations are often indistinguishable from factual outputs. They sound convincing and may even include fabricated references that seem legitimate.
This is why human oversight remains crucial. Whether we’re using AI for security analysis or just to help write a blog post, we need to approach its outputs with critical thinking – we need that “sense check” at the end – a human verifying that what the AI is telling us makes sense.
Key Takeaways for Business Leaders
Here are three solid recommendations for strengthening your organization’s cybersecurity posture:
1. Implement a Data Minimization Strategy
Information lifecycle is your friend! Conduct a comprehensive audit of all the data your organization currently stores. For each dataset, ask: Do we need to keep this for regulatory or business purposes? Does it serve our current business objectives? Could it cause harm if compromised? Then, create clear policies for data retention periods and secure deletion processes. This isn’t just good security practice — it also aligns with many privacy regulations like GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act).
2. Leverage AI for Pattern Recognition and Early Warning
Implement AI-powered security tools that can analyze network traffic, user behavior, and other security data at scale. These systems can identify unusual or anomalous patterns that might indicate a breach in progress, long before human analysts could spot them. Look for solutions that provide explainable AI – where the system can tell you not only that something is suspicious but also why it was flagged – to reduce false positives and build trust in the system.
3. Maintain a Human-in-the-Loop Approach
While AI offers powerful capabilities, always keep humans involved in security decisions. Establish clear workflows where AI identifies potential issues, but trained security professionals make the final call. Regularly test your AI systems for biases and “hallucinations” by comparing their outputs against known-good data. And invest in training your security team to effectively collaborate with AI tools, maintaining their critical thinking skills while leveraging AI’s processing power.
As Anthony recommended during our discussion, utilize resources like the Australian Cyber Security Centre (ACSC), European Union Agency for Cybersecurity (ENISA), and Cybersecurity and Infrastructure Security Agency (CISA), which provide up-to-date information on trends and threats tailored to different types of organizations.
Remember, cybersecurity isn’t just an IT issue — it’s a business survival issue. What steps is your organization taking to leverage AI to improve its security practices?
Check out this episode and more here: The Tech Edge — Ticker.
Alyssa Blackburn is the Director of Records & Information Strategy at AvePoint, where she helps organisations achieve business value from their information. In her role, Alyssa provides records and information consulting services as well as system implementations, allowing customers to optimise the structure of their information to maximize business benefits while meeting data governance and compliance objectives. With 20 years of experience in the information management industry, Alyssa has worked with both public and private sector organisations to deliver guidance for information management success in the digital age. She is responsible for the development of AvePoint’s information management solution, and has been involved with implementing our records management solution with government agencies and commercial clients. Alyssa is actively involved in the information management industry and has spoken at a number of events including at Inforum 2016 in Perth. She has been published in the RIMPA IQ magazine and recently won the 2016 award article of the year for the RIMPA IQ magazine for her article titled, "Why you need to think differently about information management."
