Unlocking the Potential of AI/ML in Cybersecurity: Challenges, Opportunities, and Progress Indicators

Artificial intelligence (AI) has been transforming the cybersecurity landscape for over a decade, with machine learning (ML) speeding the detection of threats and flagging anomalous user and entity behavior. More recently, large language models (LLMs) such as OpenAI’s GPT-3 have brought AI to the forefront of the cybersecurity community. These models are trained on documented cybersecurity knowledge and use it to respond to prompts on the topic. LLMs can also explain complex security issues in plain language, bringing the non-expert into the world of cybersecurity.

While LLMs are not a silver bullet for cybersecurity, they can help defenders detect and respond to cyberattacks faster and at scale. Unfortunately, as with every advance in the cybersecurity world, bad actors are also using LLMs to increase the breadth and speed of their attacks, with some early success.


One of the significant challenges in leveraging AI for cybersecurity is building trust. Trust is everything in security, and for years vendors have played “fast and loose” with “AI/ML”, often overstating their capabilities to drive interest in their offerings. This practice has made many cybersecurity decision-makers skeptical of any technology touting AI/ML capabilities.

Accuracy and explainability are two further challenges for AI/ML. The data used to train a model drives its output. If the training data does not represent the “real world”, the model develops a bias that skews its ability to deliver the expected results. Some data, such as threat intel, characteristics of good and bad files, indicators of compromise (IOCs), and the like, is common to everyone. User and entity behavior data, however, only applies to the specific user or entity whose behavior it describes, so a baseline learned from one population does not transfer to another.
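To make the training-data point concrete, the following is an added example in Python (not code from the original article) that scores a login event against three baselines: one learned from every user, one learned from a biased training set that only contains day-shift staff, and one learned per user. The events, user names and the 3-sigma threshold are constructed for the illustration.

```python
"""Global vs. biased vs. per-entity baselines for login-hour anomaly scoring.

Added example, not from the original article. Constructed data: two day-shift
users and one night-shift user; a z-score above THRESHOLD is "anomalous".
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample events: (user, login hour, 0-23). Day staff log in
# around 09:00; the night-shift account normally logs in around 22:00-23:00.
EVENTS = [
    ("alice", 8), ("alice", 9), ("alice", 9), ("alice", 10), ("alice", 9),
    ("bob", 9), ("bob", 8), ("bob", 10), ("bob", 9), ("bob", 9),
    ("nightshift", 23), ("nightshift", 22), ("nightshift", 23),
    ("nightshift", 22), ("nightshift", 23),
]
DAY_SHIFT = {"alice", "bob"}   # assumed: the only accounts in the biased training set
THRESHOLD = 3.0                # assumed: flag anything beyond 3 standard deviations


def zscore(value, baseline_hours):
    """Distance of value from the baseline mean, in standard deviations."""
    mu = mean(baseline_hours)
    sigma = pstdev(baseline_hours)
    if sigma == 0:
        # Degenerate baseline: every observation identical.
        return 0.0 if value == mu else float("inf")
    return abs(value - mu) / sigma


def is_anomalous(value, baseline_hours, threshold=THRESHOLD):
    return zscore(value, baseline_hours) > threshold


def hours_by_user(events):
    """Group login hours per entity (the per-user baseline)."""
    grouped = defaultdict(list)
    for user, hour in events:
        grouped[user].append(hour)
    return dict(grouped)


def evaluate(events, user, hour, threshold=THRESHOLD):
    """Score one login for `user` at `hour` under the three baselines.

    global:         baseline from all events, regardless of user
    day_shift_only: baseline from a training set that never saw the night shift
    per_user:       baseline from this user's own history only
    """
    all_hours = [h for _, h in events]
    day_hours = [h for u, h in events if u in DAY_SHIFT]
    own_hours = hours_by_user(events)[user]
    return {
        "global": is_anomalous(hour, all_hours, threshold),
        "day_shift_only": is_anomalous(hour, day_hours, threshold),
        "per_user": is_anomalous(hour, own_hours, threshold),
    }


if __name__ == "__main__":
    # alice's account used at 23:00: only the per-user baseline (and the
    # biased one, by luck) catches it; the global baseline is too loose
    # because it mixes the night shift into everyone's "normal".
    print("alice@23", evaluate(EVENTS, "alice", 23))
    # nightshift at 23:00 is routine, but the day-shift-only model flags it:
    # a training set that does not represent the real population produces
    # false positives for everyone it never saw.
    print("nightshift@23", evaluate(EVENTS, "nightshift", 23))
```

The global baseline mixes two populations and ends up so wide that it misses a genuinely anomalous login on a day-shift account, while the day-shift-only baseline never saw the night-shift account and flags its normal behavior. Only the per-entity baseline gets both cases right, which is why behavior data has to be modeled per user or entity rather than pooled.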

Another significant challenge is data security. Defining