Application-Security-Manager-How-AI-Changed-the-Game.pdf

The average cost of a data breach in 2024 has spiked to $6.5 million per incident, a 150% increase on 2020.

Astonishingly, around 50% of these attacks are estimated to have been either AI generated or developed.

85% of cybersecurity professionals attribute the increase to the use of AI by bad acto...

The average cost of a data breach in 2024 has spiked to $6.5 million per incident, a 150% increase on 2020.

Astonishingly, around 50% of these attacks are estimated to have been either AI generated or developed.

85% of cybersecurity professionals attribute the increase to the use of AI by bad actors. This sudden rise in AI enabled cyber attacks is also in stark contrast with the long documented cybersecurity skills shortage, putting ever more pressure on cybersecurity management.

This extreme pace of change has transformed the role of application security managers, who are ultimately responsible for the holistic security of an application.

In modern IT, that application will typically be a SaaS or a custom software solution, all hosted on cloud.

And in terms of application security, this is likely to be coming under growing AI-generated attacks such as smart automated vulnerability scans with highly contextual input injections, using GenAI for advanced personal phishing attacks and generating customized trojans.

The role of application security manager has been impacted by these meta-trends, growing strategic and complex as the variety, scale, and sophistication of cyber attacks have grown exponentially.

We are living in a world where anyone can buy live 2FA-protected session tokens for internet banking users of large banks for less than $10 on the dark web. AI is clearly playing an increasing and accelerating role here.

AI can be used by bad agents, for example to generate deep fake fraud or to create customized malware at scale, or by good agents, such as those using AI-powered tools for account monitoring and fraud prevention.