AI in Cyber Defence: What Works, What Doesn’t – and Where the Limits Are

Artificial intelligence is the current buzzword in IT security. Hardly any product launches without “AI-powered” in its marketing. But what does AI actually deliver in cyber defence — and where do its limitations lie?

Where AI Delivers Real Value

Machine learning and statistical models have produced demonstrable progress in certain areas of IT security. Not because they are magical, but because they excel at recognising patterns in large datasets.

Anomaly Detection in Networks and User Behaviour (UEBA): User and Entity Behavior Analytics create baseline profiles for normal behaviour — login times, access patterns, data volumes. Deviations are automatically detected. If an accounting account suddenly accesses development servers at night, the system raises an alert. ENISA rates UEBA as one of the most promising AI applications in cybersecurity.
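The baseline-and-deviation mechanic described above, as an added example that is not from the original article or any vendor's product: a per-user profile (hosts touched, hours active, largest transfer) is built from a few constructed log lines, and a later event is scored against it. The log format, the user and host names, the MIN_EVENTS guard and the "two signals before alerting" rule are all assumptions made for illustration; real UEBA products use richer statistical models, but the shape of the decision is the same.

```python
"""
Added example, not from the original article: a minimal per-user
behaviour baseline of the kind UEBA products build, run over a few
constructed access-log lines. Real products use richer statistical
models; the point here is the baseline/deviation mechanic and the guard
against alerting before enough history exists.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample log: "<ISO timestamp> <user> <target host> <bytes transferred>"
BASELINE_LOG = """\
2024-03-04T09:12:00 acct_maria fin-erp-01 120000
2024-03-04T10:40:00 acct_maria fin-erp-01 80000
2024-03-05T08:55:00 acct_maria fin-share-02 200000
2024-03-05T14:05:00 acct_maria fin-erp-01 95000
2024-03-06T09:30:00 acct_maria fin-share-02 150000
2024-03-06T11:20:00 acct_maria fin-erp-01 70000
2024-03-07T09:05:00 acct_maria fin-erp-01 110000
2024-03-07T15:45:00 acct_maria fin-share-02 180000
2024-03-04T09:00:00 dev_tom dev-build-01 5000000
2024-03-05T21:30:00 dev_tom dev-build-01 4000000
2024-03-06T02:10:00 dev_tom dev-git-01 1000000
2024-03-06T10:00:00 dev_tom dev-git-01 800000
2024-03-07T23:15:00 dev_tom dev-build-01 6000000
2024-03-07T09:00:00 intern_li fin-share-02 10000
"""

MIN_EVENTS = 5  # assumed cold-start guard: no verdict until this much history exists


def parse_log(text):
    """Parse log lines into (user, timestamp, host, bytes) tuples."""
    events = []
    for line in text.splitlines():
        ts, user, host, size = line.split()
        events.append((user, datetime.fromisoformat(ts), host, int(size)))
    return events


def build_baselines(events):
    """Per-user profile: hosts touched, hours of day active, largest single transfer."""
    profiles = defaultdict(lambda: {"hosts": set(), "hours": set(), "max_bytes": 0, "n": 0})
    for user, ts, host, size in events:
        p = profiles[user]
        p["hosts"].add(host)
        p["hours"].add(ts.hour)
        p["max_bytes"] = max(p["max_bytes"], size)
        p["n"] += 1
    return dict(profiles)


def score_event(profiles, user, ts, host, size):
    """Return (verdict, reasons); verdict is 'alert', 'ok' or 'insufficient_baseline'."""
    p = profiles.get(user)
    if p is None or p["n"] < MIN_EVENTS:
        return "insufficient_baseline", []
    reasons = []
    if host not in p["hosts"]:
        reasons.append(f"new host {host}")
    if ts.hour not in p["hours"]:
        reasons.append(f"unusual hour {ts.hour:02d}")
    if size > 3 * p["max_bytes"]:
        reasons.append(f"volume {size} > 3x baseline max {p['max_bytes']}")
    # One deviation alone is noise (a new share, a late evening); require two
    # independent signals before paging anyone.
    return ("alert" if len(reasons) >= 2 else "ok"), reasons


def evaluate(profiles, line):
    """Score one raw log line against the baselines."""
    user, ts, host, size = parse_log(line)[0]
    return score_event(profiles, user, ts, host, size)


PROFILES = build_baselines(parse_log(BASELINE_LOG))

if __name__ == "__main__":
    for line in (
        "2024-03-08T03:20:00 acct_maria dev-git-01 900000",  # accounting -> dev server at night
        "2024-03-08T02:05:00 dev_tom dev-git-01 1200000",    # routine for this developer
        "2024-03-08T02:05:00 intern_li dev-git-01 1200000",  # too little history to judge
    ):
        print(line.split()[1], evaluate(PROFILES, line))
```

Two design choices carry the practical lesson. The developer's 02:05 commit is not an alert because night work is in his baseline; the same event from the accounting user trips three signals at once. And the intern gets no verdict at all: with one observation there is no baseline to deviate from, which is exactly the situation a freshly installed system is in for every user.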

Malware Classification: Signature-based detection alone is no longer sufficient against polymorphic malware. ML models analyse behavioural characteristics of files — API calls, memory access, network connections — and classify previously unknown variants as well. Modern EDR solutions have been using this technique productively for years.

Phishing Detection: NLP models analyse email content for linguistic patterns typical of phishing: urgency, authority appeals, suspicious URLs. Combined with sender reputation and header analysis (SPF, DKIM and DMARC results, Reply-To addresses that do not match the sender), these systems are commonly reported to achieve detection rates above 95 per cent. That figure only means something alongside the false-positive rate: a gateway that also quarantines legitimate invoices is quickly bypassed or switched off.
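The three signal families named above (language, URLs, headers) combined into one explainable score, as an added example that is not from the original article. It deliberately uses keyword lists rather than a trained NLP model, so every point in the score can be traced to a reason; the keyword lists, the weights, the threshold and the two sample messages are constructed for illustration.

```python
"""
Added example, not from the original article: a transparent heuristic
phishing scorer combining linguistic cues, link inspection and
sender/header checks. Real gateways use trained models for the language
part; keyword lists are used here so that every score is explainable.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed signal lists and weights; a real deployment would tune these.
URGENCY = ("immediately", "within 24 hours", "urgent", "account will be suspended", "act now")
AUTHORITY = ("ceo", "it department", "security team", "compliance", "bank")
HREF_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def domain_of(addr):
    """Domain part of an RFC 5322 address, lower-cased ('' if absent)."""
    return parseaddr(addr)[1].rsplit("@", 1)[-1].lower()


def url_signals(html):
    """Links whose real target differs from what the reader is shown."""
    reasons = []
    for href, text in HREF_RE.findall(html):
        host = (urlparse(href).hostname or "").lower()
        shown = re.sub(r"<[^>]+>", "", text).strip().lower()
        if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
            reasons.append(f"ip-literal link host {host}")
        if host.startswith("xn--") or ".xn--" in host:
            reasons.append(f"punycode host {host}")
        shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname or ""
        if "." in shown_host and shown_host != host and not host.endswith("." + shown_host):
            reasons.append(f"link text {shown_host} != href {host}")
    return reasons


def header_signals(msg):
    """Sender inconsistencies and failed authentication results."""
    reasons = []
    frm = domain_of(msg.get("From", ""))
    reply = domain_of(msg["Reply-To"]) if msg.get("Reply-To") else frm
    if reply != frm:
        reasons.append(f"reply-to domain {reply} != from domain {frm}")
    auth = (msg.get("Authentication-Results") or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=fail" in auth or f"{mech}=softfail" in auth:
            reasons.append(f"{mech} failed")
    return reasons


def text_signals(body):
    """Crude stand-in for the NLP component: pressure and authority cues."""
    low = body.lower()
    reasons = [f"urgency: '{w}'" for w in URGENCY if w in low]
    reasons += [f"authority: '{w}'" for w in AUTHORITY if w in low]
    return reasons


def score(raw):
    """Return (score, reasons) for a raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = msg.get_payload(0).get_payload() if msg.is_multipart() else msg.get_payload()
    reasons, total = [], 0
    for weight, found in ((3, header_signals(msg)), (3, url_signals(body)), (1, text_signals(body))):
        reasons.extend(found)
        total += weight * len(found)
    return total, reasons


def is_phish(raw, threshold=5):
    return score(raw)[0] >= threshold


# Constructed sample messages (documentation addresses and the 203.0.113.0/24 test range).
PHISH = """From: IT Security Team <helpdesk@example.com>
Reply-To: support@example-helpdesk.net
To: maria@example.com
Subject: Action required
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=example.com; dkim=none
Content-Type: text/html

<p>Your account will be suspended within 24 hours. The IT department requires you to verify immediately:</p>
<a href="http://203.0.113.7/login">https://sso.example.com/login</a>
"""

LEGIT = """From: Maria Lopez <maria@example.com>
To: tom@example.com
Subject: Lunch
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=example.com; dkim=pass
Content-Type: text/html

<p>Hi Tom, see the agenda at <a href="https://intranet.example.com/agenda">intranet.example.com/agenda</a>. Thanks!</p>
"""

if __name__ == "__main__":
    for name, raw in (("PHISH", PHISH), ("LEGIT", LEGIT)):
        print(name, score(raw))
```

The weighting is the point worth copying: header and link evidence are hard facts about the message and carry most of the score, while the language cues are cheap to fake in either direction and only tip the balance. A real gateway replaces text_signals with a trained model but keeps the same layering, which is also what makes its verdicts defensible in an incident report.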

Alert Triage: An average SOC processes thousands of alerts per day. ML-based prioritisation reduces “alert fatigue” by automatically downgrading false alarms and elevating critical events. This frees analysts for the cases that truly matter.

Vulnerability Prioritisation: Not every CVE is equally critical. AI-powered systems assess vulnerabilities in the context of your own infrastructure: is the affected service externally accessible? Are there active exploits? How business-critical is the system? This is more efficient than relying on raw CVSS scores alone.

Where AI Reaches Its Limits

The limitations are just as real as the benefits — and are conveniently omitted in marketing.

High False-Positive Rates: Without careful tuning and context-specific training, ML models produce a flood of false alarms. A system that flags every unusual login as an attack is quickly ignored. The calibration phase takes weeks to months and requires specialist expertise.

Adversarial Attacks: ML models can be deliberately deceived. Attackers can manipulate inputs so that malware is classified as benign. Research has shown that even minor modifications to PE files, such as appending bytes that the loader never executes, can push a sample across the decision boundary of an ML-based scanner without changing what the malware does. MITRE ATLAS catalogues such evasion techniques together with documented case studies.
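The evasion described above in miniature, as an added example that is not from the original article and reproduces no product's real model: a toy classifier that decides on a single byte-level feature (Shannon entropy, which real static models do use as one input among many), a constructed "packed" sample, and the overlay-append trick that flips the verdict without touching a single executable byte. The threshold, the samples and the windowed counter-feature are assumptions for illustration.

```python
"""
Added example, not from the original article: a toy static classifier
built on one byte-level feature (Shannon entropy) and the classic
overlay-append evasion against it. The threshold and the samples are
assumed for illustration; no product's real model is reproduced here.
"""
import math
import random

THRESHOLD = 7.0  # assumed: above this the file "looks packed or encrypted"


def shannon_entropy(data):
    """Bits per byte, 0.0 .. 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def naive_classify(sample):
    """Whole-file entropy: cheap, and trivially diluted by appended data."""
    return "malicious" if shannon_entropy(sample) > THRESHOLD else "benign"


def windowed_classify(sample, window=1024):
    """Peak entropy over fixed windows: appended padding cannot lower the peak."""
    peak = max(shannon_entropy(sample[i:i + window]) for i in range(0, len(sample), window))
    return "malicious" if peak > THRESHOLD else "benign"


def append_overlay(sample, padding):
    """Data after the last section (an overlay) is ignored by the loader, so the
    executable's behaviour is unchanged while every whole-file byte statistic moves."""
    return sample + padding


# Constructed stand-ins: a "packed" payload (uniformly random bytes from a seeded
# PRNG) and a low-entropy overlay built from a string found in every real PE stub.
_rng = random.Random(1234)
PACKED = bytes(_rng.getrandbits(8) for _ in range(4096))
PADDING = b"This program cannot be run in DOS mode.\r\n" * 400

if __name__ == "__main__":
    evaded = append_overlay(PACKED, PADDING)
    print("original, whole-file     :", naive_classify(PACKED), round(shannon_entropy(PACKED), 2))
    print("with overlay, whole-file :", naive_classify(evaded), round(shannon_entropy(evaded), 2))
    print("with overlay, windowed   :", windowed_classify(evaded))
```

Four kilobytes of random data score close to 8 bits per byte and are flagged; sixteen kilobytes of appended boilerplate drag the whole-file average below 7 and the same bytes are waved through. The windowed variant survives this particular trick because the attacker can only add bytes, not remove the high-entropy region, but it is a patch for one feature, not a general defence: the published attacks against real models perturb headers, sections and imports in the same spirit, and each feature a model leans on is a new surface to aim at.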

The Cold-Start Problem: ML needs data — lots of good data. A freshly installed system knows neither the network nor the users. It takes weeks before the models become meaningful. For SMEs with small environments, there is often insufficient data for reliable models.

“AI Washing”: A considerable proportion of security products marketed as “AI-powered” use simple rule-based automation or statistical thresholds. This is useful, but it is not artificial intelligence. The line between marketing and reality is blurred.

No Substitute for Human Judgement: Complex incidents require contextual knowledge that no model possesses: business processes, political contexts, current projects. An experienced analyst recognises that the nocturnal data transfer is a planned migration — the ML model only sees the anomaly.

Explainability: Many ML models are black boxes. When a system triggers an alert, it is often unclear why. For regulated industries, and for traceability in incident reports, this is a genuine problem: an analyst who cannot say why an alert fired cannot defend closing it as a false positive either. The NIST AI Risk Management Framework (AI RMF 1.0) lists "explainable and interpretable" and "accountable and transparent" among its characteristics of trustworthy AI.

AI vs AI: The Arms Race

Attackers use the same technology. Generative AI produces convincing phishing emails without the tell-tale spelling mistakes, in whatever language the target speaks. Deepfake audio and video enable CEO fraud on calls. Automated tooling scans for vulnerabilities at scale and is increasingly used to draft exploit code for known weaknesses. Defenders must keep pace, and this arms race has no finish line.

Practical Recommendations for SMEs

  • Question the hype: Ask vendors specifically which ML methods are used and what data the models were trained on. “AI-powered” alone is not a meaningful statement.
  • Use established tools: Modern EDR solutions and email security gateways have been using ML productively for years. These are no longer experiments but proven tools.
  • Augmentation, not replacement: AI makes analysts more efficient but does not replace them. Plan for personnel to evaluate alerts, even if the system filters “intelligently”.
  • Fundamentals first: Before investing in AI tools, ensure that patching, MFA, network segmentation, and backup processes are working. No ML model compensates for missing fundamentals.
  • Stay realistic: AI is a tool with strengths and weaknesses. Those who regard it as a silver bullet will be disappointed. Those who deploy it purposefully gain a genuine advantage.

How Zerberos Can Help

AI-powered tools detect patterns and anomalies. What they cannot do: find logic errors in business processes, evaluate misconfigurations in context, or think through creative attack paths. That is precisely the strength of manual penetration tests. Zerberos combines automated analysis with the experience of human testers — for results that go beyond what any scanner can deliver.

Contact us for a no-obligation consultation.

Sources

  • ENISA — AI and Cybersecurity: Challenges and Recommendations (2024)
  • NIST — AI Risk Management Framework (AI RMF 1.0)
  • MIT Technology Review — The AI-Cybersecurity Arms Race (2024)
  • Gartner — Market Guide for Security Orchestration, Automation and Response (2024)
  • MITRE ATLAS — Adversarial Threat Landscape for AI Systems