# Harnessing the Power of AI in Cybersecurity --- Predictions and Solutions

By [David Moulton](https://www.paloaltonetworks.com/blog/author/dmoulton/?ts=markdown "Posts by David Moulton") | Feb 07, 2024 | 6 minutes

[*"AI's Impact in Cybersecurity"*](https://www.paloaltonetworks.com/blog/tag/ais-impact-in-cybersecurity/?ts=markdown) *is a blog series based on interviews with a variety of experts at Palo Alto Networks and Unit 42 with roles in AI research, product management, consulting, engineering and more. Our objective is to present different viewpoints and predictions on how artificial intelligence is impacting the current threat landscape, how Palo Alto Networks protects itself and its customers, as well as implications for the future of cybersecurity. In our interview with Chris Scott, a managing partner from Unit 42, he explores the impacts of AI in cybersecurity.*

In the ever-evolving landscape of cybersecurity, organizations are searching for innovative solutions to combat increasingly sophisticated cyberthreats. The integration of artificial intelligence (AI) has emerged as a game-changer in the field, a powerful tool to safeguard data and organizations. Our conversation with Chris focuses on the transformative potential of AI in cybersecurity with both near-term predictions and long-term impacts.

## Near-Term Predictions --- Co-Pilot AI and Sophisticated Spear Phishing

In the near term, AI is set to play a co-pilot role in assisting cybersecurity professionals during attacks, Chris highlights. This entails AI riding alongside individuals, offering critical insights and context to enhance decision-making. With the ability to process vast amounts of data rapidly, AI provides essential guidance to security practitioners, enabling them to stay one step ahead of attackers.

Unfortunately, AI is a double-edged sword.
Cybercriminals are also capitalizing on AI's capabilities to enhance their malicious activities. Spear phishing attacks, for instance, have become more sophisticated with the advent of large language models (LLMs). These models enable bad actors to create highly authentic, localized and contextually relevant spear phishing messages. By analyzing multiple emails from specific companies, cybercriminals can leverage AI to craft personalized and convincing messages, leading to an increased risk of individuals falling victim to such attacks.

## Medium-Term Impacts --- Automated Response and Human Collaboration

Looking ahead, the medium-term impacts of AI in cybersecurity will revolve around automated response systems. As organizations face an ever-increasing number of cyberthreats, automated response mechanisms become crucial for rapid incident containment. Chris shared an intriguing example: password theft. In this scenario, an automated system can isolate compromised hosts promptly, minimizing the potential fallout. However, caution is necessary as AI systems are not immune to false positives or other issues. Establishing a balance between automation and human involvement is vital to ensure effective decision-making and prevent unnecessary disruptions. Chris explains this concept a bit further:

*"When I think about the medium-term impacts of AI in the cybersecurity realm, I think you're going to see a lot more of the automated response side, that ability to understand what has happened. And, I think you're going to see a mix of where do we put this with what's human involvement, what is automated response, and how do we work together.*

*So, as we get these common responses, one of my favorite examples is password theft, or credential theft is another way to think of that. When a credential is stolen from an environment, what should our automated response be? One of those might be to isolate that host.
Well, after we're very sure about that isolation process, we can hand that off in an automated fashion to an AI to say: When you see credential theft within these environments, go ahead and automate the isolation of these endpoints.*

*Now we want to be careful, though, because LLMs and just AI in general, sometimes they have a false positive or they have an issue. So, in those initial phases, we want to limit those capabilities down and specify how many automated isolations that you want to allow. Maybe it's 20 per day? Or, maybe it's 30 per day for your entire environment? And anything above that, we want to push that to a human to be able to help make the decision. Make sure that we're not having a false positive, or in the LLM world, what we call a hallucination, when it really believes that something else is happening that is not."*

This approach ensures that critical incidents receive human attention, preventing false positives or AI-driven mistakes (such as hallucinations) from causing unnecessary chaos. Collaborating with AI in this way enables cybersecurity professionals to harness the speed and efficiency of automated responses while maintaining oversight and reducing the risk of false positives and a barrage of low-fidelity alerts.

## Long-Term Predictions --- Proactive Security and Real-Time Analysis

In the long term, AI is poised to revolutionize cybersecurity by becoming proactive. Chris painted a vision where AI systems proactively configure and secure environments at their inception. He predicts:

*"Long term, I think that AIs will be used to proactively configure environments as they're stood up. And even as data is flowing, let's say that you have data flowing within the environment that shows early signs of an attacker. I think AIs will proactively secure resources based upon the concern.*

*What are the riskiest assets? If I understand who the attacker might be, I may then be able to secure assets related to where that attacker might go.
In essence, I think we'll see a lot more predictive analysis going on in real-time with real-time security applied. It'll be an interesting field to see how we get there, but I think long term that is, that's where AI is going to end up."*

By preemptively securing resources and deploying real-time security measures, organizations can mitigate risks associated with specific threat actors. Predictive analysis will empower AI systems to prioritize safeguarding the most critical and vulnerable assets. This proactive and real-time approach will transform the way organizations defend against cyberthreats.

The integration of AI in cybersecurity offers immense potential to enhance our defense strategies. From serving as a co-pilot, providing critical insights during attacks, to automating incident response and proactive security measures, AI is shaping the future of cybersecurity. However, it is crucial to remember that AI is not a panacea. Human expertise and collaboration remain essential to ensure the accuracy, reliability and ethical implementation of AI-driven cybersecurity measures.

As we continue to navigate an increasingly complex digital landscape, harnessing the power of AI in cybersecurity will be instrumental in safeguarding organizations from potential harm. By embracing AI's predictive capabilities, organizations can better prepare for attacks, analyze configurations, and create robust solutions to protect their critical data. Together, human ingenuity and AI innovation will pave the way for a more secure digital future.

Want to learn more about the impact of AI in security?
Chris shares his thoughts on [*The Role of AI in Reshaping Cybersecurity Careers.*](https://www.paloaltonetworks.com/blog/security-operations/the-role-of-ai-in-reshaping-cybersecurity-careers/?ts=markdown)
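The capped hand-off Chris describes in the medium-term section, sketched in Python as an added example (not code from Palo Alto Networks or Unit 42): credential-theft alerts trigger isolation until a daily budget is spent, and anything beyond it goes to a human review queue. The `Alert` fields, the alert kinds and the `isolate` callback are assumptions, and the alert stream is constructed.

```python
from collections import deque
from dataclasses import dataclass, field
from datetime import date, datetime, timezone
from typing import Callable, Optional


@dataclass(frozen=True)
class Alert:
    """Constructed alert shape; the field names are assumptions."""
    host: str
    kind: str           # e.g. "credential_theft"
    seen_at: datetime   # timezone-aware timestamp


@dataclass
class IsolationGate:
    """Isolate automatically until the daily cap is spent, then escalate."""
    daily_cap: int = 20   # the interview floats 20 or 30 per day
    automated_kinds: frozenset = frozenset({"credential_theft"})
    review_queue: deque = field(default_factory=deque)
    audit_log: list = field(default_factory=list)
    _day: Optional[date] = None
    _isolated_today: set = field(default_factory=set)

    def handle(self, alert: Alert, isolate: Callable[[str], None]) -> str:
        day = alert.seen_at.astimezone(timezone.utc).date()
        if day != self._day:               # new UTC day: the budget resets
            self._day, self._isolated_today = day, set()
        if alert.kind not in self.automated_kinds:
            decision = "human_review"      # only vetted alert kinds are automated
        elif alert.host in self._isolated_today:
            decision = "already_isolated"  # repeat alert spends no budget
        elif len(self._isolated_today) >= self.daily_cap:
            decision = "human_review"      # over the cap: may be a false-positive storm
        else:
            isolate(alert.host)            # hypothetical hook into the response tool
            self._isolated_today.add(alert.host)
            decision = "auto_isolated"
        if decision == "human_review":
            self.review_queue.append(alert)
        self.audit_log.append((alert.seen_at.isoformat(), alert.host, decision))
        return decision


def run_demo():
    """Replay a constructed alert burst through a gate with a cap of 3."""
    isolated = []                          # stands in for real isolation calls
    gate = IsolationGate(daily_cap=3)

    def at(day, hour):
        return datetime(2024, 2, day, hour, tzinfo=timezone.utc)

    stream = [
        Alert("ws-01", "credential_theft", at(7, 9)),
        Alert("ws-02", "credential_theft", at(7, 9)),
        Alert("ws-01", "credential_theft", at(7, 10)),  # repeat host
        Alert("ws-03", "port_scan", at(7, 10)),         # not an automated kind
        Alert("ws-04", "credential_theft", at(7, 11)),  # third isolation, cap now spent
        Alert("ws-05", "credential_theft", at(7, 11)),  # over cap, goes to a human
        Alert("ws-06", "credential_theft", at(8, 8)),   # next day, budget is back
    ]
    decisions = [gate.handle(a, isolated.append) for a in stream]
    return decisions, isolated, [a.host for a in gate.review_queue]


if __name__ == "__main__":
    print(run_demo())
```

The audit log records every decision, automated or escalated, so analysts can review what the gate did before raising the cap.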