We are seeing AI be a huge enabler of data trawling and training. As a result even less experienced threat actors are able to increase their skills set more rapidly than before to leapfrog the development or entry-barrier we have seen in the past... basically, quicker and cheaper cost of entry.

26 September, 2024 12:07

Thanks

26 September, 2024 12:08

By automating the generation of sophisticated phishing emails or devising new malware, AI-Powered cyber attacks can target systems with scale and precision.

26 September, 2024 12:08

Furthermore ,How can AI be used to automate vulnerability detection and exploitation by cybercriminals&What are adversarial attacks on AI models, and how do they pose a threat to AI-driven defenses?

26 September, 2024 12:08

What are the possible certifications one can acquire for handling AI cyberattacks

26 September, 2024 12:10

Thanks Paul. One opinion I've heard is that while yes attackers are now able to use AI to lower the entry of making attacks (the next generation of 'script kiddies'), to offset that somewhat - we can use AI to analyse threat intelligence reports / aide automation with incidents and even perhaps utilise AI to monitor traffic. So perhaps, to some extent - they can cancel out (not that it's ever that simple of course)

26 September, 2024 12:12

Hi Sreejith, thanks for the questions. I think because of the nature of AI cyberattacks - how they are so wide-ranging and part of a constantly shifting threat landscape - it is hard to find up-to-date certifications. Definitely the best way to keep up with AI cyberattacks is the news or specific industry resources (SANS, Gartner). Some good AI certifications I have found are the Microsoft AI Fundamentals one, which is not so much about the cyberattacks but gives you a good grounding :)

26 September, 2024 12:14

Good point Pete... I'm sure there is some cancelling out to be done. But our challenge there is actually our caution and required guardrails in general. We are doing this cautiously and in a controlled manner to stop ourselves introducing more risk and vulnerabilities and while we do that threat actors can just keep throwing AI based ideas at the all to see what sticks... it's the classic cyber arms race, but at a pace we've not seen before.

26 September, 2024 12:14

The arms race is a good analogy, thanks

26 September, 2024 12:16

May i know what are the key vulnerabilities associated with AI systems in cybersecurity?

26 September, 2024 12:18

Hi Sreejith, EY is making a huge investment into learning and development to build mindset and confidence to use AI in the work we do. Starting with AI Now and Foundational AI Learning to understand the basics through to EY Badges (11 Badges available across AI Engineering, Applied AI, or Responsible AI at either Learning, Bronze or Silver level, as well as Gold AI and Platinum AI Badges) :)

26 September, 2024 12:19

Thank you Tom and Suzanne

26 September, 2024 12:24

What is the minimum level of expertise that is expected from a person who wishes to join the uk cybersecurity team?

26 September, 2024 12:33

Hey Sreejith, I can answer for my own career journey but not too sure what level of experience you have, hope it's still helpful though! I joined last September into the Cyber Consulting Graduate Scheme (two years long). I didn't study cyber or compsci at university, but knew I was really interested in Cyber from different competitions or courses I had done at school. In terms of a minimum level, I would say that all you should definitely have to join as a graduate is enthusiasm for the field (you GET excited when Cyber is on the news, or playing with Kali Linux is FUN to you, or getting under the skin of an organisation and changing the way Cyber is done interests to you) as that can keep you going when things get tough! Cyber is a changing field and so any certifications I recommend for a graduate to do would more be "see if it excited you and you want to learn more after doing this". Happy to clarify anything if needed

26 September, 2024 12:39

Do grads at EY still do CompTIA Security+ in their first 2 years?

26 September, 2024 12:44

Yep, you complete Security+ in your second year and in your first year a different qualification called CISMP - Certificate in Information Security Management Principles

26 September, 2024 12:45

Cool thanks

26 September, 2024 12:46

Thanks Tom

26 September, 2024 12:46

If you are more interested in the Cyber Engineering offerings (see document) that we have and want to develop your skills there, then you can also complete CompTIA Network+ which is a bit more technical

26 September, 2024 12:46

I think one of the great things about EY Cyber is the range of different qualifications you can take - earlier this year I got to take a course on and become qualified in European Data Protection Law, which was a field in Cyber I hadn't come across before and found it really insightful! It's a great way to get an intro into the subject before going on to work with clients in

26 September, 2024 12:47

Thank you Tom. I've added myself to the technology talent pool. Thanks for the input from you and your peers today.

26 September, 2024 12:57

Amazing, that's great to hear! Thank you for your engagement and please reach out if you have any further questions :)

26 September, 2024 12:58

Thanks All for the inputs

26 September, 2024 12:59