How AI is Transforming Cybersecurity: Addressing the Rise of Cyber Threats

*By Vasu Jakkal

 

In today’s digital age, the cybersecurity landscape is evolving at an unprecedented pace. With the advancement of technology, cyber threats have become more sophisticated and frequent. The critical role of artificial intelligence (AI) in improving cybersecurity measures and defending our world cannot be understated.

 

The Growing Threat Landscape

The threat landscape is the most complex in history. The speed, scale, and sophistication of malicious actors is alarming. In just one year, the number of threat actors tracked by Microsoft has increased from 300 to over 1,500. The rise of state-sponsored attacks and the proliferation of ransomware are key concerns for businesses of all sizes. In addition, the number of cyberattacks has skyrocketed from 579 attacks per second in 2021 to a staggering 7,000 password attacks per second in 2024.

This alarming increase highlights the urgent need for innovative solutions to combat the growing complexity of cyber threats. Attackers can now compromise systems within an average of 72 minutes of a user clicking on a malicious link.

This escalating threat landscape has driven the adoption of AI technologies in cybersecurity, making it an essential component of defense mechanisms.

AI: A Tipping Point in Cybersecurity

Generative AI has emerged as a powerful tool in the fight against cyberthreats. Microsoft processes 78 trillion signals daily, enabling it to identify threats at unprecedented speed and scale. One of its most notable innovations is Security Copilot, an AI-powered assistant that helps security teams defend against attacks at machine speed and scale. Since its launch in March 2023, more than 1,400 customers have used Security Copilot to investigate threats and manage risk in real time.

AI can also help address another major challenge in security: the talent shortage.

Addressing the Talent Shortage

The cybersecurity industry faces a significant talent shortage, with 4.8 million security professionals needed worldwide. AI not only helps mitigate attacks, but also supports human teams by simplifying complex tasks and reducing the barriers to entry for new professionals. This dual role of AI is crucial to closing the talent gap and improving the overall security posture of organizations.

While addressing talent shortages is a global challenge, specific regions such as South America present unique opportunities and challenges. According to the study Building a Skilled Cyber Security Workforce in Latin America, conducted in collaboration with the OECD, there is a growing demand for cybersecurity professionals with specific certifications and experience. However, these certifications often require extensive experience.

In Canada, the Canadian Cyber Security Centre, in its “National Cyber Threat Assessment 2025-2026“, highlights that the country faces persistent cybersecurity challenges as financially motivated cybercriminals and state-sponsored actors target its economic prosperity and national security. Geopolitical events and global technological rivalries further shape these threats, with increasingly complex networks of actors pursuing their own interests. However, cyber vulnerabilities and the evolving cyber threat environment, the intensity and impact of cyber threats to Canada can be mitigated through cybersecurity awareness and best practices by individuals and organizations.

Opportunities in Prioritizing Safety

Given the unprecedented threat landscape, global talent shortages, and operational complexities facing all organizations, security must be the top priority for AI and technology transformation. In this era of AI, organizations can leverage AI for security, including improving threat detection, automating defense, protecting data, and optimizing operations. And while we embrace AI for security, we also need to ensure that AI is trustworthy.

Additionally, flexible cybersecurity education using AI as a co-pilot and aligning certifications with market needs will help close the talent gap, while public-private partnerships and initiatives that promote digital literacy and awareness can strengthen overall cyber resilience. Together, these efforts create a solid foundation for sustainable technological advancement.

To navigate these challenges effectively, organizations must begin adopting several practical ideas.

Recommendations for Greater Security

To stay ahead of malicious actors in the AI era, we need to protect from the edge and use generative AI as a force multiplier. Here are some recommended actions for preparedness, prevention, and defense:

1. Protect comprehensively: Apply Zero Trust principles and protect your digital assets end-to-end across devices, identities, infrastructure, data, cloud, networks, and AI systems. Leverage AI to analyze user and system behavior for signs of potential breaches.
2. Explicitly check: Implement AI-powered biometric authentication methods alongside phishing-resistant protocols like FIDO and multi-factor authentication (MFA), pursuing passwordless solutions wherever possible. Strengthen identity infrastructure by continually managing permissions and retiring unused applications.
3. Accelerate threat prevention and defense: Use generative AI with XDR tools as a force multiplier to detect, investigate, and respond to threats. Leverage technologies like exposure management to develop a strong posture and prevent breaches.
4. Improve data security and mitigate internal risks: Prioritize data security and use AI to automatically classify and protect sensitive data, ensuring it remains secure across environments. Implement internal risk management tools to detect unusual user behavior and data misuse, enabling proactive interventions.
5. Securing and Governing AI: Use vulnerability testing teams (red teaming) to simulate real attacks and identify vulnerabilities early, strengthening AI defenses. Understand what AI applications your organization is using and ensure that the AI used is trustworthy, with security, privacy, and safety at its core.
6. Keep systems up to date: Ensure operating systems, applications, and firmware are up to date to protect against known vulnerabilities that attackers could exploit. Automate patch management.
7. Clear browsing data regularly: Clear your browsing history, cookies, and other website data regularly, and avoid entering sensitive information on unsafe websites.
8. Monitor your digital environment: Enable phishing and spam filters, and secure mobile devices with advanced filters and malicious content blocking.
9. Collaborate with industry partners: Security is a team sport! Share threat intelligence and leverage AI-powered platforms like Microsoft Sentinel to improve collective defense.
10. Create awareness and skills: Effective cybersecurity starts with awareness. Educate your teams on best practices to protect themselves and the organization, and adopt flexible cybersecurity education using AI to upskill and reskill employees.

By implementing these strategies, organizations can build a solid defense against cyber threats.

Looking to the Future

As we navigate an increasingly complex cybersecurity landscape, integrating AI into security strategies is not only beneficial, but essential. By leveraging AI capabilities, organizations can better protect themselves against evolving threats and ensure a safer digital future. Cybersecurity insights and innovations serve as a guiding light in this ongoing fight against cybercrime.

*Vasu Jakkal, CVP Microsoft Security

 

Notice: The opinion expressed in this article is the responsibility of its authors and not of ABES – Brazilian Association of Software Companies