Cybersecurity in the era of AI 

Colin Baumgart, CTO and Commercial Solutions Area Director at Microsoft South Africa

The cybersecurity landscape is undergoing a profound transformation, driven by the relentless evolution of technology and the increasing sophistication of cyber threats. In this dynamic environment, artificial intelligence (AI) has emerged as a pivotal ally in the fight against cybercrime.

AI’s ability to analyse vast amounts of data at lightning speeds enables the identification of patterns and anomalies that may indicate a security breach, often before it occurs. This proactive stance is crucial in a time when reactive measures are no longer sufficient.

But in an era where digital threats are escalating in complexity and scale, we cannot just think about defending against cyber threats, we need to be advancing the way we design, build, test and operate our technology to meet the highest standards of security.  It is why, we have created the Secure Future Initiative (SFI), a multi-year undertaking to safeguard our digital ecosystem.

It is an approach that is anchored in three fundamental principles: secure by design, secure by default, and secure operations, ensuring that security is not an afterthought but a foundational element of everything we create.

This commitment to cybersecurity extends beyond our own products. Through collaborations and partnerships, we are contributing to a broader security ecosystem, sharing threat intelligence and best practices. This collaborative effort is vital because cyber threats do not recognise boundaries and can ripple through networks, affecting countless users.

Recent cyber threats have shown a marked increase in both sophistication and frequency, posing significant challenges to cybersecurity defences worldwide.

A notable trend is the surge in mobile, Internet of Things (IoT), and operational technology (OT) cyberattacks, which underscores the expanding threat landscape beyond traditional computing environments.

Our 2024 Digital Defense Report highlights an alarming rise in attacks, with incidents targeting customers globally, doubling to 600 million per day, revealing the growing collaboration between nation-state actors and cybercriminals.

Over 78 trillion security signals per day from the cloud, endpoints, software tools and our partner ecosystem inform our insights, and help us to understand and protect against digital threats and criminal cyberactivity.

Data breaches have also been rampant, with TechCrunch reporting over 1 billion stolen records in 2024 alone. These breaches have not only compromised personal information but have also emboldened criminals who profit from cyberattacks. As the threats evolve, so must the strategies to combat them, requiring a concerted effort from individuals, organisations, and governments alike.

According to Interpol’s African Cyberthreat Assessment Report 2024, the rapid growth of cybercrime is further illustrated by the estimation that in 2023 there was a 23% year-on-year increase in the average number of weekly cyberattacks per organisation in Africa – this average was the highest in the world.

In this era of AI, we are all cyber-defenders. Despite this, 52% of employees still say their job has nothing to do with cybersecurity, according to The Phishing Benchmark Global Report.

There is a widespread recognition of the need to build a security culture to increase the understanding of security’s value to the business, as well as drive security awareness.

People, process and technology need to be in harmony – because businesses can have the most sophisticated technology and comprehensive processes in place to monitor, detect and respond to breaches, but if a person gives their password away or clicks on a phishing email, it becomes exponentially more difficult to protect the organisation.

Ultimately, it boils down to the fact that the individual user level is a person – and unless they have been trained to be security aware, they are capable of human error and are likely to remain the weakest link in the security chain.

Many organisations are investing in strengthening their employees’ cybersecurity knowledge and offer theoretical and practical training by carrying out spoof attacks, such as sending out phishing emails, evaluating who clicks on the links and then providing more in-depth training to plug identified gaps.

Employees are the first and last line of defence and it is why educating everyone on staying cybersafe is so important. It’s time to act now.

We recognise that the path to a secure future is paved with challenges and opportunities alike.

The same technology that empowers us can also empower adversaries. Cybercriminals are increasingly utilising AI to launch more sophisticated attacks, bypass traditional defences, and automate their malicious activities. This escalation necessitates a continuous evolution of our security strategies to stay ahead of these AI-generated threats.

As the cybersecurity landscape continues to evolve, the partnership between AI and human expertise becomes increasingly important. AI can handle the heavy lifting of data analysis, but human judgment is irreplaceable when it comes to nuanced decision-making. Organisations must foster a culture of continuous learning and adaptability, empowering their workforce to leverage AI effectively.

We must remain vigilant, adapting our defences to counteract the evolving threats in the cybersecurity landscape. And as we navigate this shifting terrain, the synergy between AI and human intelligence will be the cornerstone of a resilient cybersecurity posture.

By embracing the transformative potential of AI while remaining cognisant of its risks, we are setting a new standard for digital defence—one that is robust, intelligent, and ever-evolving.

Our mission is clear: to secure our digital world, so that everyone, everywhere, can achieve more.