SERMA Blog | Artificial Intelligence into security projects

Cyberattacks continue to multiply and grow more sophisticated, targeting both large corporations and small organizations alike. In the face of this phenomenon, traditional cybersecurity approaches struggle to keep up. The question is simple: how can we stay one step ahead of cybercriminals?

This is where artificial intelligence (AI) comes into play. With its ability to analyze vast amounts of data in real time and detect suspicious behavior where the human eye might see nothing, AI brings a new dimension to cybersecurity. But beyond the promises, how does AI actually work in this field? And what challenges remain to be addressed?

In this article, we explore how AI has become an essential ally in the fight against cyber threats, highlighting its advantages, limitations, and concrete examples of its application.

1. How AI is reinventing cybersecurity

1.1 What is AI and why is it a game changer?

Artificial intelligence is the ability of a computer system to learn and adapt. Unlike traditional rule-based approaches, AI relies on algorithms to analyze data, identify patterns, and even anticipate threats.

In cybersecurity, this marks a major shift: instead of reacting only to known threats, we move toward proactive protection, capable of adapting to constantly evolving attacks.

1.2 The current challenges of cybersecurity

The volume of data to protect is immense, and cybercriminals are constantly innovating: malware, phishing, ransomware… Cybersecurity rests on three fundamental pillars:

Confidentiality: Your data remains private.
Integrity: It is neither altered nor corrupted.
Availability: It remains accessible when you need it.

With the emergence of new threats, these principles are increasingly difficult to guarantee without powerful tools such as those offered by AI.

2. The superpowers of AI in cybersecurity

Detecting threats before it’s too late

Where a human analyst might miss a subtle network anomaly, AI excels. For example, Darktrace, a machine learning-based tool, can detect suspicious behaviors and prevent cyberattacks before damage occurs.

Automating incident response

Imagine software isolating a compromised computer within seconds, without human intervention. Many AI-based solutions enable this, significantly reducing response time—a critical factor in limiting damage during an attack.

Countering phishing

Phishing remains one of the most common attack techniques. AI systems deeply analyze emails to spot inconsistencies such as forged email addresses or suspicious links, thus protecting organizations from scams.

Protecting users from within

Insider threats—whether malicious intent or simple human error—make up a large portion of security breaches. By studying user habits, AI can alert on unusual behavior, such as an employee accessing sensitive files outside normal hours.

Identifying vulnerabilities before attackers

Tools like Tenable.io help companies detect system weaknesses before cybercriminals exploit them. Thanks to AI, these vulnerabilities are not only identified but also prioritized for remediation.

3. Why companies are embracing AI with open arms

Faster and more effective detection: AI can analyze millions of data points in seconds, something impossible for a human team.
Reduced human error: By automating certain critical tasks, AI eliminates risks linked to human mistakes, such as oversights or misconfigurations.
Adaptability to the unknown: AI continuously learns, adjusting to new threats as they emerge.
Saving time and resources: By offloading repetitive tasks to AI, human analysts can focus on complex issues that require their expertise.

4. The challenges AI still has to overcome

Costly mistakes

AI systems are not infallible. A false positive can disrupt legitimate activity, while a false negative can let a real threat slip through.

AI in the hands of cybercriminals

Attackers also use AI to design more sophisticated malware capable of evading detection systems.

A significant investment

Integrating AI into a cybersecurity strategy requires substantial resources: expertise, infrastructure, and sometimes a high initial cost.

Ethical concerns

Finally, issues such as algorithmic bias and concerns over personal data protection must not be overlooked. AI should remain a transparent tool that respects users’ rights.

5. Some concrete examples

IBM watson for cyber security: By leveraging millions of reports, Watson helps companies identify complex threats and respond more quickly.
Vectra AI: This tool, specialized in cloud and SaaS environments, is a valuable ally for detecting threats in real time.
Darktrace: A self-learning AI that relies on behavioral analysis to spot anomalies in networks.
GRC use case

While AI is mainly used in cybersecurity for threat detection and incident response automation, it also plays a key role in governance and compliance. A concrete example is its use in managing IT contracts and ensuring vendor compliance.

Within the ISP (Information Security & Privacy) unit of a financial institution where I recently worked, we used AI to compare internal security requirements against the security assurance plans (PAS) of service providers.

Challenge

When a bank outsources certain IT services, it must ensure that the provider complies with strict cybersecurity requirements (access management, data protection, regulatory compliance). However, these documents are often lengthy and technical, making manual comparison tedious and prone to errors.

AI-based solution

We used a structured prompt in AI to compare:
- The bank’s security requirements (internal requirements, regulatory standards).
- The IT provider’s security assurance plan.
The AI automatically identifies gaps between the two documents.
Based on these results, critical security clauses are added to IT contracts to ensure enhanced protection.

Results and benefits

Time savings: AI accelerated a process that would have taken several days manually.
Improved reliability: Reduced risk of human error in comparing requirements.
Secured IT contracts: Inclusion of essential clauses to minimize the risk of breaches via third-party providers.
Regulatory alignment: Compliance with banking and regulatory standards (e.g., ISO 27001, NIS2, GDPR).

AI: an essential ally

Artificial intelligence is redefining the rules of cybersecurity. With its capabilities for analysis, adaptation, and automation, it enables organizations to strengthen their resilience against increasingly complex threats.

However, AI is not a magic bullet. To get the most out of it, it must be integrated strategically and ethically. Organizations must also remain vigilant about the new challenges it brings, such as its potential misuse by cybercriminals.

And you, where do you stand?

Whether you want to strengthen your cybersecurity or explore the latest innovations, AI offers unprecedented opportunities. Share your experiences or reach out to our experts to learn more. Together, let’s rise to the challenge of cyber threats.