A lot of the hype around AI has diminished over the past year as companies struggled to manage their increasingly remote workforces during the pandemic. AI didn’t go away in 2021; it just didn’t grab headlines like the splashy and crippling ransomware attacks.
Still, AI continues to seamlessly integrate itself into more and more systems, software, and networks. According to experts, it is a trend that is expected to accelerate in 2022, and one which will have broad implications for cybersecurity. In fact, MSPs could find themselves at the forefront of AI’s cybersecurity innovations in the coming year.
“AI is sort of the missing link in so many cybersecurity chains. What it will enable companies and MSPs to do in terms of cybersecurity will be transformational,” predicts Jason Thomas, a cybersecurity researcher and AI specialist based in Vancouver, British Columbia.
Gartner just released a study that shows worldwide artificial intelligence software revenue is forecast to total $62.5 billion in 2022, an increase of 21.3 percent from 2021. Much of that software will be focused on cybersecurity applications.
“The AI software market is picking up speed, but its long-term trajectory will depend on enterprises advancing their AI maturity,” notes Alys Woodward, senior research director at Gartner.
Still, with AI growing in fits and starts and companies still struggling to implement it, Gartner predicts it won’t entirely come into its own until 2025.
“But you’ll see more and more entities embrace AI in 2022, and the kinks will slowly get worked out; at some point, a `critical mass’ will be reached, and you’ll see it permeate all aspects of cybersecurity,” states Thomas. MSPs that want to be progressive and stay ahead of the curve should be embracing AI now.
How MSPs can embrace AI in 2022
ChatBots: Many MSPs are implementing chatbots as part of a seamless 24/7 self-serve cybersecurity help desk. Thanks to AI, chatbots are becoming increasingly sophisticated, going beyond the simple “How can I help you?” conversations.
“A chatbot can now help users identify security situations and solve problems, and if additional help is needed, the chatbot can create a ticket to alert the security team,” explains Thomas. He adds that chatbots can be used to warn of emerging security threats targeting teams.
“A chatbot can be a very effective first line of communication with a client,” shares Thomas.
Software: “This is one area where there is already a lot of opportunities. It will get better as time passes. Still, MSPs that aren’t taking advantage of some of the opportunities available now in the cybersecurity realm are wasting resources,” warns Thomas.
The flip side is that cybercriminals are also using AI. “It does become a classic cat and mouse game, but `good guys’ that don’t use cybersecurity are ceding the field to the bad guys,” he continues.
Banking and healthcare are the two verticals to watch as they are the most data-rich, meaning hackers want to infiltrate these businesses. These two areas tend to do the most experimenting with the role of AI in defending data.
“If you have banking and or healthcare clients, that is where I see the most opportunities for MSPs to leverage AI in cybersecurity situations,” advises Thomas.
Anomaly Protection: Even the most basic AI applications can spot patterns. When an unusual event hits a network, algorithm-heavy AI can flag a potential breach as it is occurring, which can save crucial time in trying to mitigate damage from an intrusion. Anomaly protection is also a critical component of detecting insider threats.
“Whether it’s flagging financial transactions that are out of the ordinary, or spotting activity at unusual times, AI is great at sniffing these events out,” Thomas says.
There are many ways MSPs can employ anomaly detection, and it should be part of every MSP’s arsenal.
Phishing and Social Engineering Detection: This is a big one that hackers will fight back against, but AI can help detect targeted phishing attempts. Well-engineered phishing can often bypass filters because it doesn’t contain malicious payloads.
“This is where AI shines because it can detect what behavior is `abnormal’ by analyzing writing styles, patterns, and phraseology,” states Thomas. “Each user can, in theory, be assigned a unique profile, and that makes it easier to detect suspicious activity.”
Catch the smallest hints of a cyberattack
If a particular user has meticulous grammar and never makes typos, and suddenly an email comes from that account that is riddled with misspellings and grammatical errors, there are software packages that can flag that.
“AI is really going to be able to sniff out those suspicious emails. It already has a superb capacity for doing so and will only get better,” predicts Thomas.
So will 2022 end up being the “Year of AI?” Stay tuned and we’ll see if it finally comes into its own in the year ahead.
Photo: Sergey Tarasov / Shutterstock