There is a (not so) new kid in town and it is a clever one: artificial intelligence.

After having had my very strong (and very much essential) coffee this morning, I brushed my teeth. As you do. And while I did, my toothbrush recognized my brushing style. It guides me to brush better every day. Because I am all about efficiency, my robot vacuum cleaner worked hard on, well, on vacuum cleaning my home in the meantime. It always comes up with the best way to do so by operating autonomously and adapting to changing conditions in my house. Its smart dirt detection uses cameras to identify spills - like that splash of coffee that missed my mug earlier - or particularly dirty areas. Despite my IoT fairies at home, I am already running late to catch my train. And I also still have a deadline for a short article I need to submit about trends in cybersecurity. Trends in cybersecurity? No idea. Let’s see what my friend ChatGPT suggests. While I am running to the station, I observe my friend slowly providing its answer, cursor moving.

 Okay, apparently, AI is one of those hot topics? What a relief.

Recognize yourself? I certainly do. Artificial Intelligence changes everything. In our daily grind, Artificial Intelligence of things even more so. And it doesn’t stop at causing positive change. Everything comes with a cost. With Artificial Intelligence, this cost entails elevated security challenges. From data poisoning and input manipulation over to deepfakes, but also supply chain attacks and model theft, we see the overall threat landscape changing. So do more traditional cybersecurity threats: AI-driven phishing, AI-powered malware, optimized DDoS attacks, enhanced brute force attacks… You name it.

But there is also an incredible opportunity here: automated routine tasks such as vulnerability scanning, real-time and adaptable threat detection continuously evolving and improving with the input of new data. Artificial Intelligence is fueling innovation for threat actors, it certainly does. But it also has the potential to take cybersecurity to the next level.

Not least because it can free security teams from tasks they wouldn’t have the capacity to thoroughly run through anyways. Are burned out CISOs, high fluctuation rates and the infamous cyber skills gap a phenomenon of the past, if we only knew how to incorporate AI productively? Can we circumvent cybercrime and remove the importance of human resources - and the human error, by the way - with a little help from our friends? While this might seem an exaggeration at the moment, the truth to it is: the future of cybersecurity is very much a future of AI - and so is the cybersecurity workforce. If we like it or not, we need to redefine our cybersecurity teams, our defense units, if you will. Human expertise and supervision will remain crucial. Full stop.

 Why? Because humans add contextual understanding to attacks. Think about triggers like trust, fear or urgency in social engineering, psychological components when someone is turning into an insider threat or the role of conformity and herd behavior in compliance. We can and should carefully assess how we use AI, but what we use it is non-negotiable. Because it neither is for the threat actors.