AI in cybersecurity: a powerful shield with a dangerous crack
Artificial intelligence is radically reshaping the cybersecurity landscape. Companies are deploying AI for threat detection, behavioral analytics, and…
AI-processed from IEEE Spectrum AI; edited by Hamidun News
Cybersecurity is experiencing a tectonic shift. Artificial intelligence, which just a few years ago was perceived as an experimental technology in the arsenal of network defenders, has today become a central element of corporate defense. But the deeper AI penetrates security systems, the more a paradox becomes apparent: the technology designed to protect is itself becoming a source of new, unprecedented threats. It is precisely this duality that IEEE Spectrum, one of the world's most authoritative technical publications, puts on the agenda.
The scale of the problem cannot be overstated. According to analysts, global damage from cybercrime in 2025 has approached ten trillion dollars, and the number of attacks using AI elements has multiplied. Traditional security systems, built on signature analysis and static rules, increasingly prove powerless against adaptive, polymorphic threats. This is why organizations worldwide turn to machine learning and neural networks as their last line of defense.
In practice, AI in cybersecurity operates in several key directions. The first and most mature is anomaly detection. Neural networks analyze terabytes of network traffic, build a model of normal system behavior, and instantly flag deviations that a human analyst would notice only hours or days later.
The second direction is behavioral analytics, which enables the detection of insider threats and compromised accounts through subtle changes in user action patterns. The third is predictive modeling, where AI does not simply react to an attack but forecasts probable attack vectors before the attacker strikes. Finally, there is automated response: systems are capable of isolating an infected network segment, blocking a suspicious process, or revoking compromised access keys in milliseconds, without waiting for human command.
However, behind the impressive facade lies a serious problem. AI systems themselves represent a vulnerability—and attackers understand this perfectly well. Adversarial AI has become one of the most actively developing directions in the arsenal of cybercriminals. The essence of the approach is simple and elegant: instead of attacking the protected system directly, the attacker targets the machine learning model that guards it. Specially crafted input data can force the neural network to accept malicious traffic as legitimate, pass a phishing email, or ignore signs of intrusion. Essentially, attackers are learning to deceive the digital guardian by speaking to it in its own language.
Equally serious is the problem of data bias. Models are trained on historical attack data, meaning they inherit all blind spots in that data. If a certain type of threat was insufficiently represented in the training sample, the system will systematically miss it. Moreover, attackers can deliberately poison the data on which the model is trained, introducing false patterns into it and gradually reducing the effectiveness of the defense—the so-called data poisoning attack.
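The effect of a contaminated training set on an anomaly baseline can be shown on a small scale. The following is an added example, not code from the article or from IEEE Spectrum: the traffic figures, the 3.5 alert threshold and the use of median/MAD as a more robust baseline are assumptions chosen for illustration.

```python
import statistics

THRESHOLD = 3.5  # assumed alerting cut-off for both scores

def fit_zscore(train):
    """Baseline from mean / standard deviation; sensitive to contaminated training data."""
    mu, sd = statistics.fmean(train), statistics.pstdev(train)
    return lambda x: abs(x - mu) / (sd or 1e-9)

def fit_robust(train):
    """Baseline from median / MAD; 0.6745 rescales MAD so the score is comparable to a z-score."""
    med = statistics.median(train)
    mad = statistics.median([abs(v - med) for v in train])
    return lambda x: 0.6745 * abs(x - med) / (mad or 1e-9)

def suspicious_training_points(train):
    """Audit step before fitting: training samples the robust baseline itself flags."""
    score = fit_robust(train)
    return [v for v in train if score(v) > THRESHOLD]

# Constructed data: outbound MB per hour for one host.
CLEAN = [48, 52, 50, 47, 53, 51, 49, 50, 52, 48,
         51, 49, 50, 53, 47, 50, 52, 48, 49, 51]
# Same window with four constructed high-volume samples mixed into the training set.
POISONED = CLEAN + [400, 410, 390, 405]
EVENT = 420  # constructed observation to score after training

def compare(event=EVENT):
    """Return whether each baseline raises an alert for the event."""
    return {
        "zscore_clean": fit_zscore(CLEAN)(event) > THRESHOLD,
        "zscore_poisoned": fit_zscore(POISONED)(event) > THRESHOLD,
        "robust_poisoned": fit_robust(POISONED)(event) > THRESHOLD,
    }

if __name__ == "__main__":
    for name, alerted in compare().items():
        print(f"{name:16s} alert={alerted}")
    print("flagged in training set:", suspicious_training_points(POISONED))
```

With four contaminated samples out of 24, the mean/standard-deviation baseline stops alerting on the 420 MB event, while the median/MAD baseline still does, and the audit step surfaces the contaminated samples for review before the model is fitted.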
A separate set of questions concerns the ethics of autonomous decisions. When an AI system independently blocks an employee's access, isolates a critical server, or disables a business process, the consequences can be as destructive as the attack itself. A false positive in an industrial automation system can halt production, and in medical infrastructure, it can endanger lives. The question of where the boundary of permissible AI autonomy in security decisions lies remains open and acutely pressing.
For the Russian context, these issues take on an additional dimension. Domestic companies are under constant pressure from cyberattacks, while access to a number of foreign AI security solutions is restricted. This creates both a challenge and an opportunity: Russian developers are forced to build their own intelligent defense systems, which in the long term could lead to the emergence of competitive domestic solutions. However, the quality of these solutions directly depends on the volume and diversity of data available for training models.
The industry is moving toward a model that can be described by the formula 'AI plus human.' Complete automation of cybersecurity is still a utopia. The most effective systems use artificial intelligence for initial analysis and filtering, leaving final decisions to human specialists. This approach makes it possible to use the speed and scale of machine learning without losing the critical thinking and contextual understanding that only humans currently possess. The future of cybersecurity is not in choosing between AI and people, but in building an architecture where both elements reinforce each other, and the balance between innovation and control is maintained consciously and continuously.