The landscape of technology is undergoing a seismic shift, driven by the relentless tide of a new technological revolution and industrial transformationIn this rapidly evolving world, characterized by unprecedented levels of digitization and information technology, cybersecurity has emerged as a crucial element in the strategic contests between global powersAs a silent yet formidable barrier, cybersecurity is not just a reactive measure but a proactive force, particularly in the realm of artificial intelligence (AI), which plays a dual role in redefining the security infrastructureIt acts as both a challenger and a protector in this digital age.

On one side of the coin, generative AI technologies—exemplified by innovations such as Sora and GPT-4o—have sparked significant public debate around pressing issues such as personal privacy and the malicious use of AIMalicious actors have leveraged open-source large language models (LLMs) alongside harmful datasets to create specialized applications designed for illegal activities like vulnerability discovery, social manipulation, and extortionThe implications of these actions can inflict grave detriment on national economies and the lives of everyday citizens.

Conversely, AI is bestowing new capabilities upon the cybersecurity sector, enabling the dawn of innovative defensive strategiesThe upcoming RSA Conference in 2024 is set to showcase AI-driven cybersecurity products and services from leading companies like Google, Cisco, and CrowdStrikeExperts within the industry are increasingly united in their belief that AI serves as the linchpin in catalyzing revolutionary advancements in cybersecurity, fundamentally reinventing the market.

As we gazing ahead, the intersection of AI and cybersecurity is poised to usher industries into a new developmental phase, transforming strategies from passive defense mechanisms to active offensive tacticsChinese enterprises, in particular, are encouraged to embrace this trend, actively engaging in the deep integration of AI and cybersecurity technologies to fortify digital protections.

A statement encapsulating the current ethos is: "Using AI to protect AI."

The last three decades have witnessed a constant evolution of offensive and defensive technologies, as the realms of cybersecurity and technology stay in a dynamic tug-of-war

Advertisements

In China, the cybersecurity industry has evolved from its origins in traditional products such as antivirus software and firewalls to a more mature product ecosystem capable of catering to a diverse array of security needs.

However, as AI technologies gain traction, the tactics employed by cybercriminals have also advanced significantlyThe frequency and sophistication of AI-centric cyberattacks—ranging from deepfake frauds to phishing schemes, vulnerability exploits, and data breaches—are escalating, making cybersecurity efforts increasingly complex and urgentA survey conducted by MIT Technology Review revealed that in 2021, 60% of network security professionals found it challenging to fend off automated cyberattacks, with a staggering 96% having encountered AI-driven cyber threats.

This pressing reality underscores the increasing necessity of "using AI to protect AI" in combating contemporary cybersecurity threatsAcross the globe, nations and institutions are accelerating the integration of cybersecurity with AI technologies to enhance defensive measuresAn analysis of current industry practices indicates that the "AI + Security" paradigm, represented by robust AI models, shows extraordinary potential in areas like malicious code detection, security policy management, security operations, data classification, and data anonymization.

As we look at the global cybersecurity landscape, it is experiencing rapid growth, with expert analyses suggesting a market size exceeding $20 billion by 2023, and projections of a compound annual growth rate (CAGR) exceeding 20% up until 2030.

The author sees three key transformations on the horizon as the "AI + Security" paradigm finds extensive application across the cybersecurity industry:

Firstly, we will witness a rise in intelligenceSmart cybersecurity products and services can significantly alleviate human labor burdensMany processes that previously required extensive manual intervention can now be optimized through large AI models

Advertisements

Companies such as Microsoft, Palo Alto Networks, and Qihoo 360 have begun leveraging these models, leading to remarkable resultsFor instance, in security operations, traditional security operations centers often involved human handling for 93% of their processesWith the empowerment of AI models, data processing has increased sixfold, false positive rates have reduced by 70%, and response times have condensed from two to three days down to an astonishing 16 minutes to five hours.

Secondly, the trend towards platformization is evidentSimilar to the evolution of smart home systems, where users can control all devices from a single platform for unified management and monitoring, the cybersecurity industry is pivoting from fragmented solutions to consolidated platformsThe gradual shift towards a defense system centered around an "AI Brain," incorporating various detection and response tools, has been noticeable since 2021, and this trend is accelerating further in 2023. Leading cybersecurity enterprises are already deploying large AI models on their platforms, extending management capabilities from merely coordinating various security subsystems to encompassing IT, cloud, and network architectures.

Thirdly, there is a notable transition from product sales to service provisioning in the cybersecurity industryThis shift can be likened to the evolution of movie consumption—from purchasing DVDs to enjoying one-click subscriptions to a vast library of filmsDuring this transformation, large AI models are increasingly viewed as critical components for cybersecurity companies seeking competitive advantagesStarting in 2023, leading firms like Cisco, IBM, and Palo Alto Networks have actively merged capabilities and data related to threat intelligence, situational awareness, and attack surface management through acquisitionsThis approach not only enhances the data sources for training AI models but also significantly boosts analytical and predictive capabilities, providing users with more precise and efficient security services.

However, the coalescing of "AI + Security" brings forth a dual-edged sword of challenges and opportunities

Advertisements

The dynamic sector of AI is marked by continuous breakthroughs and innovations, while security emphasizes stability and assurance, necessitating a careful approach to achieving high-quality development in this combined paradigm.

Among the foremost challenges are the technology aspects, specifically elevating the foundational capabilities of large AI modelsCurrently, many cybersecurity enterprises, both domestically and internationally, rely heavily on vertically training general models to create specialized security models for targeted sectorsDespite rapid advancements in foundational AI technology within China, it still lags behind leading models like OpenAI’s GPT-4.0, which can hinder the performance of domestic security-based models.

Moreover, standardization of security product interfaces remains inadequateCurrently, the interconnectivity of cybersecurity products from various vendors in China is nascentThe multiplicity of product types offered by security companies can lead to integration issues not only between different companies but even within products from the same enterpriseConsequently, customers bear substantial costs in trying to achieve product interconnectivity, often with disappointing resultsThis situation significantly constrains the transition of China's cybersecurity sector toward platformization while also limiting the effectiveness of empowering large AI models.

For this reason, it’s crucial to embrace opportunities for promoting quality growth in "AI + Security" paradigms through several approaches:

First, it is essential to refine the overarching design of "AI + Security." This includes consolidating resources from industry, academia, and research to form interdisciplinary teams of expertsIn establishing industry standards, it is vital to draft a series of guidelines covering aspects such as data labeling for security models, comprehensive security assessments, and legal and ethical compliance to aid the security model development of Chinese enterprises.

On a practical note, during the data labeling phase, standard guidelines should address issues like data formats, label definitions, and annotation methods to mitigate inconsistencies and replay issues, ultimately enhancing data quality

At the evaluation stage, there must be a universally accepted framework to assess the performance and reliability of security models, thus addressing problems of misleading outcomes during practical application and improving overall cybersecurity.

Secondly, nurturing cross-industry collaborative innovation becomes vital for advancing the dual paradigm of "AI + Security." Domestic security vendors are vigorously exploring the application of models in security; initial efforts are promisingAn active and effective cross-industry collaboration mechanism is key to sustainable innovationDriving national-level key projects in the AI and security domains, establishing innovative investment funds, stimulating the innovation capacities of small and medium enterprises, and promoting collaborative mechanisms surrounding tailored trainings, data sharing, and business model innovation are necessary to elevate the quality of development in this paradigm.

Thirdly, enhancing the interconnectivity of cybersecurity products must come to the forefrontChinese cybersecurity firms should vigorously implement standards that promote inter-product connectivity, adhering strictly to requirements regarding interface stipulations, data formats, communication protocols, and operational procedures to bolster product compatibility and interoperabilityThis collective effort can culminate in the establishment of a synergistic cybersecurity framework, propelling the sector’s platformization and intelligence transformation.

In the fourth aspect, cultivating a comprehensive ecosystem around "AI + Security" services should be prioritizedChinese cybersecurity firms are urged to widen their market applications and enhance their service support frameworks, establishing baseline metrics to improve user satisfaction and recognition of security servicesResearch institutions can bolster their emphasis on federated learning, privacy computing, and blockchain technologies to assist cybersecurity firms in achieving precision in user information analysis while ensuring the integrity of user data privacy

Advertisements

Advertisements