How AI Is Reshaping The Cybersecurity Landscape 

Two years ago, ChatGPT launched, marking a transformative moment for artificial intelligence. In that time, generative AI has revolutionised countless industries, including cybersecurity.  

Generative AI tools have lowered the barrier of entry for cybercriminals, helping them to scale their operations. These capabilities are gravely concerning to security teams – with 48% believing AI poses the most significant security risk to their organisation.  

However, while cybercriminals are exploiting large language models (LLMs) for sophisticated attacks, organisations are also leveraging AI to counter evolving threats. As ChatGPT turns two, the question is: who’s winning the AI arms race? 

We spoke to experts to explore how AI is changing the game and what businesses can do to secure their defences. 

1.    A new era of cyber threats 
AI has changed the way cybercriminals operate; they are now leveraging AI bots that can mimic human behaviour with unsettling accuracy, and the threat is on the rise. 

“Across cybersecurity, criminals often make the first move, and artificial intelligence is no exception,” explains Alex Rice, CTO and Co-Founder of HackerOne. “As AI becomes increasingly commoditised and sophisticated, malicious actors have begun developing custom AI bots designed to impersonate trusted individuals with alarming accuracy. 

“These AI deepfakes can mimic writing styles, speech patterns, and even emotional cues, essentially creating a skeleton key that bypasses traditional security measures built on interpersonal trust.” He continues, “this level of sophistication makes it incredibly challenging for even the most vigilant individuals to distinguish between genuine communication and AI-driven social engineering attempts.” 

Rice’s warning highlights how AI has shifted the balance of power in favour of cybercriminals. Traditional trust-based security measures are no longer enough in the face of AI-powered manipulation, businesses must implement multi-factor authentication and develop a mindset of constant verification. 

2.    Turning AI into a defensive tool 
While AI poses undeniable risks, it is also proving to be an invaluable ally in the fight against cybercrime. Security teams are leveraging GenAI to detect threats, analyse vulnerabilities, and neutralise attacks with greater speed and accuracy than ever before. 

“The rise of AI through publicly available tools such as ChatGPT is reshaping the cybersecurity landscape, with an increase in both the risks posed by cyberattacks and the potential for defence,” says Darren Thomson, Field CTO EMEAI at Commvault.  

“AI-driven cyber threats are increasing at an alarming rate, with 93% of security leaders expecting daily AI-driven attacks. AI’s capabilities enable attackers to automate and fine tune their malicious activities, from designing adaptable, personalised phishing campaigns to delivering malware that exploits specific vulnerabilities in a business. Predictive modelling allows cybercriminals to identify high-value targets and attack vectors efficiently, often before the victims can detect their presence.”  

However, he adds: “Advanced AI-driven threat intelligence systems are now capable of identifying silent and advanced attacks as they happen, offering the ability to neutralise threats before they result in damage. While the battle between AI and AI-driven cyberattacks is ongoing, leveraging AI’s strengths in defence can provide organisations with a vital edge in the ever-evolving cyber arms race.” 

Thomson’s perspective underlines that AI itself is neutral - it is how it’s used that makes the difference. By adopting AI-driven solutions, organisations can strengthen their security and stay ahead in this evolving landscape. 

3.    Securing innovation 
Generative AI is also transforming how businesses operate, with many embracing LLM-powered tools to drive efficiency and innovation. However, as these technologies are adopted, they bring new risks that must be addressed. According to research from HackerOne, 51% of security experts say basic security practices are being overlooked as companies hurry to include generative AI. 

“Two years after ChatGPT appeared on the scene and many businesses are preparing to build large language model (LLM) powered applications,” shares Gilad Elyashar, Chief Product Officer at Aqua Security. “A developer survey by Stack Overflow 70% of developers are using or are planning to use AI tools in their development process. 

“However, while businesses are strongly driven to embrace LLM adoption, they must be cautious about the evolving attack vectors that come with the new technology. Innovation must be backed up by strong security measures or it will only bring increased risk. These new avenues of attack include prompt injection, in which bad actors trick an LMM into following malicious instructions, compromising system security and integrity, and the potential for LLMs to generate insecure code.” 

To mitigate these risks, businesses need robust security strategies tailored to GenAI. Elyashar explains that businesses should, “employ specific GenAI policies which will serve as guardrails for developers, preventing unsafe usage of LLMs.”  

As ChatGPT marks its second anniversary, its impact on cybersecurity is unmistakable. The same technologies driving innovation for businesses are also being exploited by attackers. With the AI arms race only just beginning and the stakes rising, organisations must adapt or leave themselves vulnerable to more and more sophisticated forms of cyber-attacks. 

Alex Rice is CTO and Co-Founder of HackerOne and Darren Thomson is Field CTO EMEAI at Commvault

Image: Growtika

You Might Also Read:

Judge Uses ChatGPT As A Source For Court Verdict:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Cybersecurity Essentials For Laptop Gamers
2025: A New Year Of Cybersecurity Challenges »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

D-RisQ

D-RisQ

D-RisQ is focussed on delivering techniques to reduce the development costs of complex systems and software whilst maximising compliance

Ahope

Ahope

Ahope is a mobile security solution provider in Korea with a long history of security solution development.

Secure Innovations

Secure Innovations

Secure Innovations is a cybersecurity firm dedicated to providing top-tier cyber security solutions for the Defense and the Intelligence Community.

Custodio Technologies

Custodio Technologies

Custodio Technologies was established as a Singaporean R&D Centre of Israel Aerospace Industries (IAI) in order to spearhead R&D activities in the field of cyber early warning.

Wizlynx Group

Wizlynx Group

Wizlynx services cover the entire risk management lifecycle from security assessments and compliance to the implementation of security solutions and provision of Managed Security Services.

Kentik

Kentik

Kentik - one platform for Network Visibility, Performance, and Security.

River Loop Security

River Loop Security

River Loop Security specialize in solving complex cybersecurity challenges in the IoT and embedded devices space.

Cloud Box Technologies

Cloud Box Technologies

Cloud Box Technologies is one of the premier IT Infrastructure Solution providers in the Middle East.

OriginalMy

OriginalMy

OriginalMy is a cybersecurity startup, focussed on digital governance and information authentication. Its mission is to prove authenticity using state-of-the-art cryptography and blockchain technology

Prima Cyber Solutions (PCS)

Prima Cyber Solutions (PCS)

Prima Cyber Solutions is focused on protecting your business from the massive and devastating impacts that cyber-attacks may cause.

Aunalytics

Aunalytics

Aunalytics is a data platform company that delivers insights as a service to answer your most important IT and business questions.

TAFEcyber

TAFEcyber

TAFEcyber is an Australian based consortium focusing on the skilling of the fast-growing cyber security workforce through education and training.

Hexagon

Hexagon

Hexagon is a global leader in digital reality solutions. We are putting data to work to boost efficiency, productivity, quality and safety.

CyberMontana

CyberMontana

CyberMontana is a statewide initiative providing cybersecurity awareness, training, and workforce development for businesses and residents of Montana.

VeriBOM

VeriBOM

VeriBOM is a SaaS security and compliance platform that helps protect you and your customers through automation, documentation, and transparency for every software application you build or run.

Hydden

Hydden

Hydden gives security teams the ability to create a solid foundation to build a truly next-gen identity security practice by bridging the gaps between siloed teams and technologies.