Legal measures involving cybersecurity and data protections are, it seems, few and far between. The last significant, active measure that was created for digital security and privacy protections was the General Data Protection Regulation (GDPR), passed and put into effect by the EU in early 2018.
According to Michael Nunic with Ontrack, the GDPR requires that companies which handle the data of EU citizens must comply with and enact measures promoting:
- Personal data encryption and anonymization
- The ability to ensure the confidentiality, integrity, availability and resiliency of systems and services
- Rapid restoration of and access to personal data in the event of a physical or technical incident
- Processes for reviewing and evaluating the safety of processing information.
Unfortunately, these measures did not stop a spat of breaches and successful attacks throughout 2018. Part of the problem is that new technologies are invented and innovated upon every day, seemingly faster than legal bodies can respond to with legislation. At the forefront of those technologies: Artificial Intelligence.
AI and the Connected World
In the annual Gartner CIO Agenda survey released in October 2018, “40 percent of CIOs said artificial intelligence (AI) was the top game-changer technology,” writes Alison DeNisco Rayome. “Some 37 percent of CIOs said their organization had already deployed AI or that deployment was in short-term planning.”
AI is such a powerful tool because of how well it integrates into almost any technological infrastructure. Data points captured by beacon technology and the Internet of Things (IoT) means that automated processes will underpin almost every aspect of society. Home automation, smart cars, and healthcare are all set to change drastically because of innovations in IoT technology — add to that advancements in AI and we’re talking about significant, rapid transformations in our society.
Unfortunately, there are still problems with AI that need to be resolved.
“In terms of deployment, AI was second only to cybersecurity (88 percent),” continues Rayome.
Corroborating this sentiment is Macy Bayern, who writes that when considering the impacts of AI, respondents of Deloitte’s recent State of AI in the Enterprise report cited cybersecurity as the top concern when it comes to executing AI projects.
“Some 32 percent of businesses professionals have experienced an AI-related breach within the last two years,” she writes. “In fear of more cybersecurity infiltrations, 30 percent of respondents have slowed initiatives, and one in five have opted to not launch an AI initiative.”
Security Issues & Solutions
Interestingly, even though CIOs are citing the security risks of AI-implementation within their organizations, AI is one of the most promising technologies in the field of cybersecurity itself.
“Because cybersecurity today is largely labour-constrained, it is ripe with opportunities for automation using AI. Increased use of AI for cyber defence, however, may introduce new risks,” writes the authors of The Malicious Use of Artificial Intelligence report.
Other security issues and concerns presented with AI include the incidental creation of previously unknown exploitable weaknesses or vectors via its implementation. Nevertheless, AI is on its way, whether we like it or not.
“Demand has shown us that consumers and businesses obviously see benefits to AI-related services as they consistently adopt virtual assistants, fly on AI-flown airplanes that pilot seamlessly in fog, or use smart software to organize piles of information and photos,” writes Mike Armistead for SC Magazine.
Armistead is not wrong. The only reason that the EU’s GDPR legislation ever had to be introduced in the first place was because the world created technology riddled with security holes and problems. We create dangerous things, and then we try to tame them later — this is the human way, for better or worse.
Luckily, the problem may also end up being the solution. As AI technology continues to develop, we will better understand how to use it safely, and how to use it to protect ourselves. Perhaps, in time, we’ll develop legislation to cover our bases with AI-security, but hopefully, we won’t have to.
If we proceed cautiously and intelligently, AI could become the end-all-be-all to the cybersecurity industry. Only time will tell.