There's a clarion call to arms in the cybersecurity industry amid the emergence of more powerful artificial intelligence. While hackers already can tap new "generative" AI tools, cybersecurity firms are scrambling to come up with better defenses.
The problem: Just like new generative AI chatbots can write high school essays or computer code, they also can help hackers in "phishing" attacks. In these, hackers create clever emails that entice workers or management into disclosing security credentials. Hackers also might coerce ChatGPT-type tools into creating malware that mutates and avoids detection on computer networks.
On the other hand, cybersecurity firms expect generative AI tools to help reduce the time to detect and respond to many forms of computer hacking. Also, they see generative AI automating more functions in security operations centers to help companies deal with a shortage of software engineers.
"Adversaries are going to leverage the capabilities of GenAI to generate even more sophisticated social engineering attacks and scams at speed and scale that are increasingly indistinguishable from genuine communication," TD Cowen analyst John Blackledge said in a recent note to clients.
He added: "Vendors of identity and access management and threat detection solutions will eventually have to address the obvious threat arising from sophisticated malware that can leverage AI and machine-learning capabilities."
Cybersecurity AI Models Need Data For Training
Cybersecurity firms have used AI's pattern recognition capabilities for real-time analysis of data for years. Since the emergence of OpenAI's ChatGPT in November, how to deal with cybercrime has taken on more urgency.
Generative AI models scoop up public internet content, analyze it and create text, images, video and computer programming code. The technology is quickly finding applications in marketing, drug development, video gaming and other areas. Problem is, the cybersecurity industry may have issues others do not when it comes to adopting generative AI technologies.
Large language models analyze huge amounts of public internet data to develop applications like ChatGPT. The AI models reply to "prompts" that describe what a user wants to get.
In cybersecurity, high-quality data to train AI models are limited "due to the sensitive and siloed nature of security data," Morgan Stanley analyst Hamza Fodderwala said in a recent note.
At Goldman Sachs, analyst Gabriela Borges has a similar view.
Best Stocks Among Cybersecurity Firms
"Enterprise-focused security AI requires far more exacting applications and has historically been constrained by access to comprehensive data sets," Borges said in a recent note to clients.
"This remains the biggest hurdle for AI in cybersecurity today," Borges went on to say. "However, we are starting to see the benefits of AI in threat detection. We believe platforms with extensive internal data logs across both endpoint and network are best positioned to benefit long term."
Investors homing in on AI stocks may focus on the cybersecurity landscape for potential plays. Some analysts point to Microsoft, Palo Alto Networks and CrowdStrike Holdings as possible beneficiaries from higher security spending.
Microsoft, the biggest investor in OpenAI, has launched Security Copilot. Copilot's AI assistant helps cybersecurity professionals use prompts to make sense of threat intelligence and investigate incidents.
Morgan Stanley's Fodderwala called Microsoft Security Copilot "ChatGPT for cybersecurity." Microsoft hasn't said when the Copilot tools will be widely available.
How One Cybersecurity Player Sees AI
Meanwhile, Palo Alto Networks leverages threat detection logs in its AI-based security operations center platform. On Palo Alto's fiscal third-quarter earnings call, management commented on the generative AI opportunity.
"I think we are going to undergo a transformation both as Palo Alto Networks as well as generally an enterprise software industry over the next 12 to 24 months as we embrace generative AI," Palo Alto Chief Executive Nikesh Arora said on the call. "I think that's the real opportunity and challenge in front of us, and I think half of the people out there will get it wrong. And hopefully, we're on the right side of history."
Palo Alto Chief Product Officer Lee Klarich sees companies like his as well positioned.
"If you're in the security business, it definitely helps if you have the largest data lake in the world of security data," Klarich said. "So from that perspective, I think it favors the people who have a lot of data already as part of their strategy, and they've built a business in the back of a data-led strategy."
Meanwhile, CrowdStrike has equipped its Falcon platform with AI capabilities. CrowdStrike earnings are due May 31.
At the RSA conference in late April, SentinelOne unveiled PurpleAI, a threat-hunting platform that integrates GenAI in its extended detection and response, or XDR, platform.
Cybersecurity Firms: Artificial Intelligence Among Startups
Among cybersecurity startups, companies with AI technologies include ReliaQuest, Deep Instinct and Recorded Future. Analysts expect more artificial intelligence innovation from incumbents and startups.
At TD Cowen, Blackledge sees GenAI systems used to create realistic threat simulators, for example. Also, Evercore ISI analyst Peter Levine expects the cybersecurity industry to adapt.
"There are two sides of security, the preventative side and the reactive side," Levine said in a note. "The preventative side is gaining a bit more mind share. It's a potential area we could see more advanced AI come into play to better predict future attacks. The idea of integrating access controls (identity) with networking is something we heard could be an area of focus."
Meanwhile, the IBD Computer Security group ranks No. 56 out of 197 groups tracked. Fortinet, Palo Alto Networks and CrowdStrike hold the highest Composite Ratings in the cybersecurity group.
Follow Reinhardt Krause on Twitter @reinhardtk_tech for updates on 5G wireless, artificial intelligence, cybersecurity and cloud computing.
