Artificial intelligence (AI) is beginning to change cybersecurity. This report takes a comprehensive look across cybersecurity to anticipate whether those changes will help cyber defense or offense. Rather than a single answer, there are many ways that AI will help both cyber attackers and defenders. The report finds that there are also several actions that defenders can take to tilt the odds to their favor.Download Full Report
The cyber domain touches nearly all systems and aspects of society, so any changes to the relative offense-defense balance in cyber could be very impactful. As a digital technology, AI can be expected to have a more direct effect on those balances than in other domains.
To assess how AI may affect the offense-defense balance within cyber, we collected arguments for an offensive or defensive bias in various aspects of cyber operations as well as arguments for what gives cyber its unique character. We then considered how varying levels of AI advancement might strengthen, weaken, or alter those arguments. The results of that analysis are grouped into five categories: Changes to the Digital Ecosystem, Hardening Digital Environments, Tactical Aspects of Digital Engagements, Incentives and Opportunities, and Strategic Effects on Conflict and Crisis.
There is no single answer to the question of whether AI will make cyber offense or defense dominant. Cyber attackers and defenders have too many different goals that can be achieved in multiple ways, but AI is likely to change the cyber landscape in ways that can be predicted and perhaps controlled to some extent.
Although AI will increase the scope of defensive tasks by making the digital ecosystem larger and more complex, it may also reduce the scope of defensive tasks in other ways, such as by decreasing the number of network connections to monitor. AI systems could replace known human weaknesses, but AI components are often vulnerable. AI components could also aggregate too much information or control into high-risk digital targets, and eliminating manual controls could reduce resilience during attacks. As system designers, acquisition officials, and users incorporate or implement AI, they will decide how much risk to accept along each of these lines.
AI also promises to further harden digital environments by performing tasks that currently overwhelm defenders. If these tasks can be done reliably by AI and if defenders can keep up with faster discoveries of new vulnerabilities and attack tactics, then defenders can take advantage of their ability to impose delays and frictions to gain more from AI than attackers. Doing so could prevent AI from enticing new threat actors and could limit the strategic benefits that aggressors might see from AI’s increase in speed and scale. But that defensive advantage is far from guaranteed and there are several missteps that could push the balance toward offense instead of defense in the years to come.
No comments:
Post a Comment