Canalys Forums 2023: Generative AI is a game-changer in the cybersecurity ecosystem

The cybersecurity market is ripe with opportunities and challenges for 2023, and no other technology stands more pivotal than generative AI. As revealed in the recent Canalys report titled 'Now and next for the cybersecurity ecosystem in 2023 – part 2', AI-driven security measures are now more strategic than ever. Despite this, the surge in AI use brings with it uncertainties, opportunities and controversies.

Threat actors have started weaponizing generative AI to improve the monetization of their attacks, which will stem from a surge in ransomware attacks and phishing campaigns. Generative AI can be trained to identify vulnerabilities in code repositories and websites, facilitating increased zero-day attacks. This advanced technology can also generate malicious code, including finding sensitive files on a corporate network and shifting ransomware extortion from primarily encrypting data to more data exfiltration. The capability to create malware and exploit vulnerabilities will also significantly lower the barrier for new threat actors to emerge, even those without any coding knowledge.

On the brighter side, generative AI promises to revolutionize cybersecurity by augmenting existing operations within organizations. SOCs will experience a paradigm shift as they onboard and train analysts with digital twins, and increase the automation of detection and response processes and prioritizing alerts. Predictive tools, automated threat intelligence, vulnerability reports, software inventory management, and more can be streamlined, mitigating, but not fully solving, the ongoing skills shortage in cybersecurity. Canalys estimates suggest that more than 70% of businesses will have their cybersecurity operations supported by generative AI tools within the next five years.

With the rise of AI, technology vendors are launching innovative products to capture the market. Microsoft, with its Security Copilot utilizing ChatGPT-4, is at the forefront. It is no surprise considering their substantial investment in OpenAI, which began in 2019. Other vendors are quick to catch up, with offerings such as Airgap Networks’ ThreatGPT, Endor Labs’ DroidGPT, SentinelOne’s Purple AI and Tenable’s EscalateGPT.

Despite the opportunities that generative AI presents, there are legitimate concerns about its use. Trust issues arise from hallucinations leading to unreliable responses, false positives and negatives, and difficulty in interpreting the output. Moreover, the risk of complacency and over-dependence on technology for detecting incidents is real, and the current guardrails against malicious use have proven to be inadequate. The most significant issues lie in the potential violation of data privacy laws and intellectual property infringement, areas yet to be thoroughly debated by regulators.

In conclusion, generative AI will transform cybersecurity with enormous potential but is accompanied by challenging questions around its usage, limitations and implications. It is a technological race and a classic good versus evil story, much like the use of the Force by the Jedi and the Sith in Star Wars. But its outcome will significantly shape the cybersecurity ecosystem for 2023 and beyond.

If you are a channel partner keen to learn about the opportunities in AI and cybersecurity, we encourage you to register for Canalys Forums 2023. These events will provide partners with the opportunity to learn more about the latest trends in AI and address how they can swiftly adapt to meet the changing needs of their customers alongside top distributors and channel-committed vendors. May the Force be with you!

 EMEA: 3 – 5 October | NORTH AMERICA: 13 – 15 November | APAC: 5 – 7 December