AI and Cyber Security: Is It a Risk or an Opportunity?

The relationship between cyber security and artificial intelligence (AI) is more complex than ever.

Right now, the answer to whether AI is good news for cyber security depends on who you ask, which is confusing for professionals whose job it is to have an informed opinion. For example, if you’re a tech or security vendor, it’s likely you see AI as something positive that cyber security has been building up to for the last 30 years.

 

How Can AI Affect Cyber Security?

As former Google China head Kai-Fu Lee stated in his 2020 book, AI 2041:

“Artificial intelligence could be the most transformative technology in the history of mankind.”

Five years on, and that claim doesn’t seem any less bold or relevant. Lee wasn’t talking about cyber security specifically, but it’s hard to imagine a technology that could transform mankind without also transforming cyber security.

While many experts are optimistic about the benefits of artificial intelligence for cyber security, others remain cautious. The sceptics are not specifically opposed to AI in general, but are concerned about its application in cyber security. They see AI as a double-edged sword: while it empowers defenders with advanced capabilities, it also allows cyber criminals to develop more sophisticated attacks. This draws our attention to a defining characteristic of AI – its principles can be exploited by anyone with access to open source models and can’t necessarily be locked up inside proprietary systems.

The same innovations designed to protect systems could also be exploited to undermine them.

Beyond that, a fundamental anxiety is that AI systems might themselves be attacked and become untrustworthy, perhaps without anyone knowing this has happened.

 

AI’s Use In Cyber Defence

Look at the spec sheet for almost any modern security product and you’ll likely see the phrase “AI-powered.” AI is used to automate repetitive tasks, speed up responses, and help detect threats that traditional tools might miss or struggle to understand.

AI’s basic mode uses unsupervised or supervised machine learning (ML) to spot patterns and make predictions using large data sets. One step up from this is deep learning (DL), a more advanced neural network model in which the output from one learning stage is used as input for a new stage.

This is the level at which artificial intelligence for cyber security is being deployed. It is designed to work at scale and requires less human input.

AI is now central to automating threat detection, incident response, and even generating easy-to-understand incident summaries for security teams and executives. Microsoft highlights that AI-driven security tools can identify malware, detect intrusions, and reduce false positives, allowing businesses to respond to threats more quickly and efficiently.

In 2025, ‘Agentic AI’ or autonomous security agents are being used to triage alerts and remediate vulnerabilities with minimal human intervention, marking a shift towards more proactive, AI-driven cyber defence.

However, while AI is now central to many security operations, businesses still rely on a mix of traditional and AI-driven techniques.

 

AI-Powered Cyber Attacks

The biggest challenge in artificial intelligence and cyber security is that attackers can also up their game by using the same technology to outsmart defences. A 2025 report reveals that 78% of CISOs now admit that AI-powered cyber threats are having a significant impact on their organisation, a 5% increase from 2024. This means AI cyber security threats are no longer theoretical – they are a daily reality.

Cyber criminals are using AI to enhance the effectiveness of their cyber operations. According to the UK National Cyber Security Centre (NCSC)’s report on the impact of AI on cyber threats (from 2025 – 2027), AI is being used to:

  • Make phishing and social engineering attacks more convincing, including the use of AI-generated text, voice, and video.
  • Automate the creation and delivery of malicious content, increasing the speed and scale of attacks.
  • Assist in reconnaissance by rapidly analysing large amounts of data to identify vulnerabilities and targets.
  • Aid in vulnerability research and exploit development, allowing attackers to identify and exploit flaws in systems more quickly.

The Government’s latest report also highlights that AI’s main contribution to cyber threats is to make attacks faster, more scalable and more effective. This means businesses may have less time to detect and respond to threats, and attacks can become more personalised and sophisticated.

The report also says that the increased accessibility of AI tools could drive a surge in cyber attacks, making them more difficult to defend against.

For anyone who wants more insight into how AI cyber attacks might work, the NCSC produces various resources about AI and cyber security for industry professionals and businesses.

 

Adversarial AI

A further risk comes from what’s known as adversarial AI, where attackers deliberately try to trick or disrupt AI systems. This is no longer just a theoretical issue – cyber criminals are already using techniques like prompt injection, data manipulation, and exploiting weaknesses in AI models to bypass security measures or undermine the reliability of AI-powered defences.

As AI becomes more widely adopted, these kinds of attacks are expected to become a growing concern for organisations.

Another threat is that AI could be used to undermine itself.

Adversarial AI (not to be confused with generative adversarial networks, or GANs, which are completely different) involves confusing and misleading AI systems under real-world conditions. A variety of techniques are already possible, including:

  • Tricking machine learning models by feeding them subtly deceptive data so that they misclassify images or spam.
  • Poisoning the data fed to an AI model to degrade its performance or introduce vulnerabilities (this requires access to the data).
  • Fooling online classification systems by sending them fake data.
  • Slowing an AI system with a denial of service attack that bombards it with complex problems (a newer and less common threat than the other adversarial techniques).
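
The data poisoning item above can be made concrete from the defender's side. The following is an added example, not part of the original article: a toy spam classifier is retrained on data that includes mislabelled records, and a promotion gate compares it with the current model on a trusted holdout set before it is allowed into service. The feature (a count of suspicious tokens), all data values and the function names are constructed for illustration.

```python
# Added illustration: all data below is constructed, not taken from the article.
from statistics import mean

# Feature: count of suspicious tokens in a message; label: "ham" or "spam".
CLEAN_TRAIN = [(x, "ham") for x in (0, 1, 1, 2, 2, 3)] + \
              [(x, "spam") for x in (7, 8, 8, 9, 9, 10)]
# Records injected by someone with write access to the training set:
# spam-like feature values carrying the wrong label.
POISON = [(10, "ham")] * 12
# Holdout kept outside the training pipeline and labelled independently.
TRUSTED_HOLDOUT = [(1, "ham"), (2, "ham"), (3, "ham"), (2, "ham"),
                   (7, "spam"), (8, "spam"), (9, "spam"), (6, "spam")]


def train(records):
    """Nearest-centroid model: one mean feature value per label."""
    labels = {label for _, label in records}
    return {lab: mean(x for x, l in records if l == lab) for lab in labels}


def predict(model, x):
    """Return the label whose centroid is closest to x."""
    return min(model, key=lambda lab: abs(x - model[lab]))


def accuracy(model, records):
    return sum(predict(model, x) == label for x, label in records) / len(records)


def accept_retrained(candidate, baseline, holdout, max_drop=0.05):
    """Promotion gate: reject a retrained model that regresses on trusted data."""
    return accuracy(candidate, holdout) >= accuracy(baseline, holdout) - max_drop


baseline = train(CLEAN_TRAIN)
candidate = train(CLEAN_TRAIN + POISON)  # the mislabelled rows drag the "ham" centroid upward

if __name__ == "__main__":
    print("baseline accuracy:", accuracy(baseline, TRUSTED_HOLDOUT))
    print("candidate accuracy:", accuracy(candidate, TRUSTED_HOLDOUT))
    print("promote candidate:", accept_retrained(candidate, baseline, TRUSTED_HOLDOUT))
```

The gate only works if the holdout set is stored and labelled outside the pipeline that the poisoned data passed through; otherwise the same access that altered the training data can alter the benchmark.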

Another factor increasing the vulnerability of AI to adversarial attacks is that many AI systems won’t be centralised. Edge computing is a major trend in network design. It’s based on the idea that servers and applications should be placed closer to the users or devices they serve, helping to improve performance and make systems more resilient.

This also applies to AI systems deployed at edge locations, which could make them harder to monitor for tampering and manipulation.

 

AI Skills

Ironically, for an idea that is all about the power of machines, what seems to be limiting it today is a shortage of human beings who understand it. This is AI’s version of the skills crisis affecting other parts of cyber security. The Government’s Cyber Security Breaches Survey 2025 confirms that a lack of AI expertise and skilled personnel is seen as a key barrier to effective cyber defence, with a majority of organisations reporting difficulties in recruiting and retaining staff with the necessary AI and security skills.

This implies that far from suffering from a skills crisis, AI will eventually replace some jobs. That, presumably, will include some jobs in IT and cyber security that might otherwise have required humans to do them.

At the moment, however, skilled professionals are still essential for managing the overall security strategy.

 

Cyber Security and Artificial Intelligence: A Better World for SMEs?

If you’re an SME worried about affording cyber security investment and skills, the best thing about AI is that it will likely commoditise more advanced security technologies that, today, are out of your price range.

These technologies will be bought as services from larger platforms that integrate AI automation and service bots. The downside is that we could see less choice as large tech platforms monopolise the field.

AI won’t remove today’s security worries, but it will transform them into new and unfamiliar forms.

 

Achieve Cyber Security and ISO 27001 Certifications For Your Business

Gain a better understanding of the ISO 27001 implementation process – download our ISO 27001 Checklist.

You might also consider achieving certification to ISO 42001 – the standard that sets out requirements for Artificial Intelligence Management Systems. Register your interest for ISO 42001.

Help to protect your business from cyber attacks – get started on your journey to ISO 27001 and Cyber Essentials certification for your business with British Assessment Bureau.

Request a quote today or contact our team to discuss your needs.
