AI – specifically generative AI – is a game-changer in the world of cyber security, demanding new approaches to how organisations mitigate risk and extreme caution in how they adopt AI tools within their business.
This is according to security experts at SecureConekt, a specialist cyber security and managed security services provider in which CipherWave recently acquired a majority stake.
Henry Denner, Managing Director at SecureConekt, notes: “It is important to differentiate between automation, machine learning and true AI. Where automation is rules based, AI can reason and formulate an opinion or an output based on an instruction set. Because of these capabilities, it can make decisions and give you a faster plan to attack a network, for example.”
A good example is the very recent breach at Google that was driven by artificial intelligence. Hackers used AI to make their scams look incredibly realistic – fake e-mails, cloned voices, even deepfake Zoom calls, to trick employees into giving them access to internal systems.
Trevane Paul, CEO of Conekt Holdings, says: “AI is reshaping the cyber security battlefield. It isn't just a tool – it’s a game-changer. Bad actors use it to exploit vulnerabilities better and faster than humans can respond. We're facing sophisticated threats like deepfake attacks, AI-generated phishing e-mails and automated vulnerability scans that outpace outdated defence tools. Many businesses lag, using decade-old security measures. The introduction of AI tools into organisations also presents new risks and vulnerabilities.”
He elaborates: “Now suddenly you've got a hacker who's using AI to do reconnaissance on you as an individual or your company. The phishing attacks that come out of that are super personalised. Some of the test versions that we've implemented in-house are fooling our own people. And because attackers are using AI, the traditional defence barriers are breached almost daily.
“Companies need to be more AI-security aware. They are adopting this new AI capability, but their defences and security models are still traditional. Have they scaled? Has their security posture changed because of AI? The bot that they have implemented has access to all their customer data, for instance, but have they ensured it is secure?
"Threat detection and response, for instance, is a very traditional concept in cyber security. However, it needs to change to look for different things based on how AI is being used in the environment. Vulnerability management and vulnerability scanning now need to include what AI components the organisation is using, its externally facing AI utilities, its AI bots and its AI workloads and capabilities.
“While AI can increase risk, it also empowers cyber security teams. It enables them to analyse logs in real-time, and detect anomalies, isolate threats and predict vulnerabilities more effectively – if they have the right systems and teams,” Paul says.
Wayne D’sa, Group CEO of CipherWave, adds that there are two sides to the AI coin: “AI is transforming businesses and helping security teams to stay on top of the mundane kinds of security work. But it's also creating a challenge in the sense that if unchecked, AI transforms everything about the risk landscape. The challenge for organisations currently focusing on harnessing AI is to partner with the right organisation – one that is developing, building and enhancing AI security and compliance, and mitigating risk from threat actors using AI.”
Keeping pace with change
SecureConekt believes that cyber security should be an ever-evolving capability, and in the AI era, standing still means falling behind. Having built extensive in-house AI capabilities, the company is helping clients fight smarter – not just harder.
SecureConekt has integrated AI throughout its operations. Partnering with Conekt, SecureConekt helps clients develop proactive, AI-enhanced defence strategies tailored to their needs. Its AI-enabled services include intelligent threat detection and response, continuous vulnerability scanning and risk scoring, and breach prevention strategies.
Denner says: “We also have a team that can assess AI models. We have developed a model to assess the security around AI models, assessing what various AI bots and models are capable of, what risks are associated with those capabilities, and mitigating those risks.”
He adds: “AI is becoming essential in threat detection and automated incident response, continuous vulnerability management, reducing alert fatigue in SOC operations and compliance and risk scoring in real-time. At SecureConekt, we’ve integrated AI into our entire security framework to help clients detect, respond and evolve in near real-time.”
“At Conekt Holdings, we’re riding the AI wave and helping our clients do the same, one secure, Conekt’d step at a time,” says Paul.
Matthew Venkatesan, Chief Commercial Officer at CipherWave, says: “With the evolution of AI, the cyber security business is starting to investigate AI-specific security. It requires the knowledge, expertise, skill and the funding to get it going, and a lot of R&D. SecureConekt has invested in a great deal of R&D to prevent AI-enabled attacks, help clients deploy AI without the risk and protect their networks using AI tools.
“There’s a great deal of forward-thinking in terms of our partnership with SecureConekt, as well as the 15 years plus of industry expertise that we carry within the business to manage not just evolving cyber risk, but the entire customer network and environment,” Venkatesan says.
This is the first in a series of press releases by CipherWave and SecureConekt on the impact of AI on cyber security.
Share