Help or hindrance? AI in cybersecurity

By CyberArk

Interview with Jeffrey Kok, Vice President, Solution Engineers, Asia Pacific & Japan, CyberArk.

Bruce Wayne got it right when he said one man’s tool is another man’s weapon.

Tech is but a tool that cybercriminals and security officers alike wield with power. The same tech can be used to tighten digital defenses, or take whole cyber fortresses down.

AI is one such example. Jeffrey Kok, Vice President, Solution Engineers, Asia Pacific & Japan at cybersecurity firm CyberArk shares the risks and opportunities with AI.

Double-edged sword

AI is a “double-edged sword” in the world of cybersecurity, Kok says. For instance, it can find software vulnerabilities more quickly than humans ever could. But this means cybercriminals can find these vulnerabilities just as quickly to exploit them.

AI is also commonly used to detect malwares, and has been proven to be more than 90 per cent effective. Cybercriminals are using the inverse technique to create malwares that are undetectable by mainstream antivirus software, he shares.

Adopting AI can introduce new security risks to companies. Many of these vulnerabilities may not have been discovered yet, so organisations may not have the security tools needed to defend against them.

This new tech “will open up new possibilities to computing as well as security risks, thus triggering an arms race between the ‘good guys’ and the ‘bad guys’,” says Kok. Organisations need to stay one step ahead of cybercriminals and find ways to make tech work for good.

Turn it for good

CyberArk has found one way to use AI for good. It recently launched an AI tool to secure cloud platforms.

The CyberArk Cloud Entitlements Manager continuously monitors users who access the cloud, so it can identify and remove excess privilege. This ensures that employees have just enough access to do their jobs - not more or less. IT teams also get a clearer overview of their systems.

The tool uses AI to understand the context and intent behind each user interaction. The algorithm takes these into account when assessing risk, so it can decide the appropriate next steps.

This could be a huge leap in cloud security. Too much access privilege is the most commonly cited type of cybersecurity attack against cloud applications and services in the last 12 months, a recent study by Enterprise Strategy Group found.

Managing each account’s access level is complex on the cloud, as accounts and their permissions are constantly being added or changed. Traditional methods of managing and securing accounts aren’t helpful, as they don’t allow for IT teams to change access levels as needs arise.

Boosted by research

“We are only starting to scratch the surface of the security risks that AI can be used to cause,” Kok notes. Research will be important for finding both its theoretical and practical security risks.

CyberArk has a dedicated research lab to study the latest security threats, and develop new ways to tackle them. The company recognised more than a decade ago the risks that new tech would bring, he explains.

More than 50 researchers contribute to CyberArk Labs’ research. Over the years, it has published a wealth of resources, such as open source tools and blog posts, to help governments and organisations understand the latest cyber threats.

Its research also goes into improving CyberArk products. The company helps government agencies secure administrators, third party vendors, applications, machines and more.

AI has great potential on both sides of the cyber war. With a strong team leading research and innovation, CyberArk will work to uncover new ways to use tech for good.

To learn more about CyberArk solutions, visit our website at