Artificial intelligence (AI)

As an advanced form of digital automation, artificial intelligence (AI) makes it possible to carry out complex tasks with little or no human intervention, speed up processes and tackle problems that were previously unaddressed due to their complexity.

Find out in which areas of cybersecurity AI is used, but also what dangers the technology harbours.


Many different uses for AI in cyber security

In many areas of cyber security, AI can increase efficiency and improve security. AI has therefore been integrated into many security solutions for some time, particularly in the following areas:

Threat detection and prevention

New and unknown forms of attack are difficult to recognise. AI helps to identify unusual system behaviour or unusual network traffic. This detection of so-called anomalies has long been a natural field of application for AI. The identification of unknown malware works in the same way: oddities in the file system or in the behaviour of individual programs provide the clues.


Incident Response

Alarms and security incidents are part of the tiresome daily routine for security administrators. False alarms have to be painstakingly separated from dangerous events. AI often helps with this too. It can search through and analyse large amounts of log data to identify traces. For forensic analysis, AI can identify the origins and paths of an attack. AI can also be used to react automatically to certain threats, for example to isolate suspicious files or systems.


Vulnerability analysis

Identifying and managing vulnerabilities in extensive system landscapes is time-consuming. Priorities must be set and patch sequences created based on the potential risk posed by a vulnerability. The latter is complicated by dependencies between the systems. Here, AI can make suggestions as to which patches should be applied most urgently, based on the analysis of threat data and system vulnerabilities.


Phishing detection

The majority of successful attacks start with a phishing email. These are becoming increasingly sophisticated as the attackers also use AI to customise the emails. However, AI can also be used in defence and, for example, check emails for suspicious content and patterns that indicate phishing attempts. By analysing user actions, unusual activities can be detected that indicate a successful phishing attack.


Security Information and Event Management (SIEM)

The SIEM centralises vast amounts of data. The trick is to analyse this data, create correlations and recognise threats at an early stage. This requires recourse to historical data, which further increases the amount of data. AI can massively increase efficiency here, for example by correlating data from different sources and recognising threats in real time based on this information. By analysing historical data, AI can recognise patterns that could even indicate future threats.


AI - sense and nonsense

AI is used in almost all areas of security. The impression quickly arises that nothing works without AI. But experts are very sceptical about this.

They warn that not everything labelled AI actually contains AI.

Our article "AI capabilities in threat defence: more to appear than to be?" provides a critical view with useful and less useful examples of use.

 

Top trends and topics on AI

  • Importance of AI for the security sector
    AI offers numerous advantages for IT security, such as the ability to quickly analyse large amounts of data, recognise patterns and respond to threats in real time. AI can automate repetitive tasks and thus increase the efficiency and speed of cybersecurity measures. This relieves the burden on security teams and allows them to focus on more complex threats. Predictive analytics enables AI to predict future cyberattacks and recommend preventive measures. This is done by analysing historical data and recognising patterns that indicate possible future threats. AI has therefore long since become an indispensable tool in modern cybersecurity. 

    In a study, market researchers from MarketsandMarkets forecast that the market for AI in cybersecurity will grow from USD 22.4 billion in 2023 to USD 60.6 billion in 2028. This would correspond to annual growth of 21.9 per cent.

    Artificial Intelligence in Cybersecurity Market Share, Forecast | Growth Analysis & Opportunities [2030]
     
  • Regulation
    The European Commission's AI Act regulates the use of AI throughout the EU. It is the first comprehensive regulation on AI by a major regulatory authority worldwide. The Act categorises AI applications into three risk classes. The highest risk class includes applications and systems that pose an unacceptable risk, such as state-operated social scoring. These are prohibited. High-risk applications and systems form the second category; they are subject to special legal requirements. The third category consists of applications and systems that are not expressly prohibited or categorised as high-risk. These remain largely unregulated. The AI Act is due to come into force this summer and must then be implemented by the EU countries, which are expected to pass their own laws.

    The AI Act also has far-reaching implications for the use of AI in cybersecurity. Companies should prepare for compliance and ensure that their systems meet the legal requirements.
  • Product areas

    Artificial intelligence (AI) has been used successfully in a variety of product groups within cybersecurity for some time now. In the ubiquitous field of endpoint detection and response (EDR and XDR), AI-based solutions continuously monitor end user devices for suspicious changes, analyse suspicious activity and automatically respond to threats.

    In network security, another very common product area known as network detection and response (NDR), AI monitors network traffic in order to recognise anomalies and suspicious activities and react to them if necessary. Flexible products can adapt to changing network topologies and, for example, detect new systems with specific network behaviour. Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are located above the NDR. They collect data at critical points in the network in order to draw conclusions that indicate an attack. Time-delayed events in particular need to be correlated, and AI helps with this. AI is used in many other product areas, for example in security information and event management (SIEM) systems. As merely merging logs from different sources usually results in very large amounts of data, AI is often an indispensable component when analysing them.

  • Disinformation and deepfake
    Disinformation plays a major role in shaping and influencing opinion, and not just in political disputes. Disinformation is just as important before elections and referendums as it is in armed conflicts. Autocratic systems in particular use this tool to influence their own population or even foreign countries. Thanks to AI, disinformation campaigns can be customised and adapted to cultural or country-specific circumstances very easily. AI can automatically create large quantities of convincing and realistic disinformation content. This includes not only texts, but also photos and videos. These can be automatically distributed as social media posts on social networks using specially generated bots.

    Deepfakes are becoming increasingly important in this context. These are videos and audio recordings that deceptively imitate a real person. Deepfakes are often used to spread false information about people or events. A British security specialist recently demonstrated in an experiment how easily and effectively something like this can be realised.

Malware and machine learning: a match made in hell

The AI revolution is in full swing - exciting and frightening at the same time. Defenders are using AI, but when will attackers take advantage of it? And what is our battle plan?

Find out the answers to these questions and more in Mikko Hyppönen's keynote.

Please note: The video is in German.


Recording of the it-sa Expo&Congress forum contribution

Basic technical terms of artificial intelligence (AI)

  • Artificial intelligence (AI)
    A field of computer science that deals with the development of algorithms and systems that are able to perform tasks that normally require human intelligence. They work without a linear sequence of commands and with dynamic knowledge.
  • Neural network
    A model inspired by the human brain consisting of a large number of interconnected digital neurons that can activate each other to process information.
  • Machine learning (ML)
    A branch of AI that develops algorithms and models that can learn from data and improve over time without the results having been explicitly programmed.
  • Deep Learning
    A variant of machine learning that is based on many layers of neural networks to recognise complex patterns in large amounts of data.
  • Supervised learning
    A machine learning method in which a model is trained using a training data set that contains both input data and the corresponding output values.
  • Unsupervised learning
    A machine learning method in which a model is trained with a data set that only contains input data without associated output values. The aim is to find patterns or structures in the data.
  • Training
    The learning process of an AI model, in which prediction accuracy is increased by adjusting the model parameters based on a data set.
  • Natural Language Processing (NLP)
    This area of AI deals with the interaction between computers and human language, with the aim of enabling the processing and analysis of large volumes of natural language data.
  • Large Language Model (LLM)
    This AI model is based on deep learning techniques to process and generate natural language. These models are trained to analyse large amounts of text data and recognise patterns in it, which enables them to generate human-like texts.