Data breaches: the role of AI in Cybersecurity
30 Jan 2024
by Era Gunning
Artificial intelligence (“AI”) uses algorithms to analyse data and identify patterns that may signify malicious activity or suspicious behaviour. This can be used to flag potential threats and to alert security teams for further investigation.
AI has multifaceted capabilities including:
- Enhances precision of malware detection systems by detecting data patterns indicating questionable activities
- Monitors user activity across multiple platforms
- Identifies and flags suspicious activity
- Detects new strains of existing malware, preventing malicious actions including ransomware attacks
- Minimises the impact of cybersecurity threats
- Assists in identifying suspicious content, such as phishing links and malicious URLs
- Alerts security teams for timely preventive measures
According to the Verizon 2023 Data Breach Investigations Report, 74% of the reported data breaches involved the human element. External, financially motivated actors were responsible for 83% of the incidents
and insiders were responsible for the remainder. 24% of the reported breaches resulted from ransomware attacks, while business email compromise frauds accounted for half of the reported phishing attacks.
IBM’s Cost of a Data Breach Report 2023 (“IBM Report”) helps organisations learn from the experiences of more than 550 organisations, including 21 in South Africa, that fell victim to data breaches between March 2022 and March 2023. The IBM Report indicates that the extensive use of automation saved organisations nearly USD 1.8 million in data breach costs. On average, it accelerated data breach identification and containment by over 100 days. While almost all organisations use or want to use artificial intelligence for cybersecurity operations, only 28% of them use it extensively.
According to the IBM Report, South Africa’s financial sector has experienced data breaches totalling R73.1 million, making it the hardest hit sector with the industrial and services sectors placing second and third. On average, a data breach costs a South African organisation R49.45 million in 2023, an all-time high and constitutes a 73% increase since South Africa was added to the report eight years ago.
The IBM Report found that most cyber threats resulted from stolen or compromised credentials and phishing scams while attacks through compromised business e-mails were a close second.
Era Gunning
Executive | Banking and Finance
egunning@ENSafrica.com