New Pillsbury Report Explores the Benefits and Risks of AI in Cybersecurity

“As the public and private sectors have embraced digital transformation, their vulnerability to cyber threats has expanded considerably,” said Pillsbury’s firmwide Technology Industry Group leader Justin Hovey. “However, AI tools are well-suited to address some of the largest gaps in existing cyber defenses. Our hope is that this research can help organizations better understand the technology and therefore better protect themselves and the individuals they serve.”

The research features extensive interviews with leading experts including AJ Abdallat (CEO, Beyond Limits), Johan Gerber (EVP Security & Cyber Innovation, MasterCard), Ansgar Koene (Global AI Ethics & Regulatory Leader, EY), Jessica Newman (Program Lead, AI Security Initiative, UC Berkeley), Marietje Schaake (President, CyberPeace Institute and International Policy Director, Cyber Policy Center, Stanford University), Leo Simonovich (VP & Global Head of Industrial Cyber and Digital Security, Siemens Energy) and Monique Shivanandan (CISO, HSBC). It also contains perspectives from Pillsbury lawyers, including David Stanton’s views on the value of cyber risk ratings and Rafi Azim-Khan’s take on the potential impact of the European Union’s AI Act.

Some of the data collected and examined in the report:

• On average, it takes approximately nine months to identify and contain a data breach (207 days to detect the issue and another 73 to rectify it).
• The worldwide average cost for a data breach in 2020 was US$3.86 million.
• Business email compromise events increased by more than 50% in 2020, while ransomware attacks were up by 160%, and third-party and supply chain intrusions almost tripled.
• Data security is the No. 1 reason many professionals are deploying AI, and nearly half of executives in Asia-Pacific, Europe, and the U.S. (48.9%) think AI/machine learning is the best tool to counter nation-state cyberattacks.
• The market value of AI in cybersecurity is predicted to reach US$46.3 billion by 2027.

To read the full report, click here.

Pillsbury lawyers advise public and privately held businesses on all manner of cybersecurity, data protection and privacy law issues, with particular experience in the technology, energy, financial, communications, defense/government contracts and health care sectors, as well as with critical infrastructure generally. Our multinational team of regulatory authorities, litigators, transactional lawyers, intellectual property counsel, government contracts practitioners and legislative strategists work closely with clients worldwide to monitor the rapidly changing data and cyber landscapes and tackle related security challenges.

The firm’s multidisciplinary AI team likewise advises companies and government agencies on the technical complexities of artificial intelligence, as well as the evolving regulatory and legal standards that apply to it. Whether in relation to machine learning, natural language processing or neural network projects, we work hand-in-hand with AI innovators, early adopters and investors to address the full range of commercial, regulatory and liability concerns they encounter.