Combining AI with Cyber Security to Help Good People Win

Cybercriminals have already started to use artificial intelligence (AI) to strengthen their attacks and evade detection. But organisations are beginning to adopt AI themselves to defend against these increasingly sophisticated threats. Microsoft’s new report, Mission Critical – Unlocking the UK AI Opportunity Through Cybersecurity, gives a status report on this AI arms race and outlines five key ways for the country to become a cyber security superpower.

Clare Barclay, Microsoft UK CEO, introduces the report, which is now available online for free. “When I think about advances in AI in the context of the UK, a country that has always been quick to embrace technology’s potential, the opportunities seem endless,” she says. “Yet, to fully realise the benefits of generative AI, we must trust it: trust that it prioritises safety, privacy and security. We can only build a prosperous future if we start from secure foundations.”

She emphasises that it will be very difficult for the UK to “thrive as a nation” unless we use AI-enabled cyber defences that are stronger than those employed by threat actors.

How AI is disproportionately helping good people win

The report includes a piece from Quorum Cyber CEO Federico Charosky in the chapter titled, A blueprint for UK success. He believes that AI will, in fact, give defenders the upper hand for the first time.

“Threat actors are already using AI to launch more sophisticated attacks, faster than ever and at a scale never seen before, while enabling them to avoid detection,” he says. “However, AI will provide greater benefits to defenders than attackers. Why? To defeat defences that use a combination of AI and human ingenuity, attackers will need something superior. Currently this doesn’t exist, so defenders have the advantage. But we must use this quickly to disrupt the pandemic of cyber-attacks that’s holding society hostage.

“At Quorum Cyber, we believe it’s essential for the cybersecurity industry to run towards AI and adopt it as soon as possible to gain the benefits, while being aware of the potential risks and ensuring ethical, responsible, and robust AI solutions are implemented to protect systems, data, and people from cyber threats.”

New research commissioned by Microsoft has found that, at present, cyber-attacks could be costing UK organisations over £87 billion each year. Microsoft estimates that if cybercrime was measured as a country, it would be the world’s third largest economy, with its associated costs expected to reach £8.4 trillion every year by 2025.

To fight back, it announced in late 2023 that it will invest £2.5 billion into the UK, to build and develop datacentres, AI skills and security. This amounts to its largest investment since opening its first office in the UK in 1982.

Its new report classifies UK organisations’ cyber security performance into three tiers. Currently, 13% are resilient, 48% are vulnerable and 39% are high-risk.

Five steps to strengthen the UK’s defences against AI-enabled attacks

With this in mind, they have detailed their blueprint for the UK to succeed in AI cyber security in five steps:

1. Support widespread adoption
2. Target investment
3. Cultivate talent
4. Foster research and knowledge sharing
5. Lead on governance

“The UK’s ability to stay at the forefront of AI’s future will rely on how well it can evolve and adapt to the ever-extending capabilities of the technology itself – and the risks they carry,” the report states.

Overall, the global AI cyber security market has huge potential; Microsoft predicts it will be worth £108 billion by 2030. And the UK, which held the AI Safety Summit in late 2023 at Bletchley Park, is in an excellent position to lead the world and reap the rewards.

You can download Mission Critical: Unlocking the UK AI Opportunity Through Cybersecurity from the Microsoft website.