Fighting AI with AI in cybersecurity

Artificial intelligence (AI) is revolutionising industries, boosting efficiency and transforming workflows. But as AI becomes more integrated in daily life, it is also creating vulnerabilities, opening the door to increasingly sophisticated cyberattacks.

At global cybersecurity company Palo Alto Networks’ Ignite on Tour Singapore 2025 conference in March, industry leaders gathered to discuss AI’s growing influence on the digital threat landscape. As AI-powered attacks become more advanced, organisations must rethink their security strategies.

In remarks shared during a post-event interview, Mr Steven Scheurmann, regional vice-president of ASEAN at Palo Alto Networks, said that operational complexity, fragmented IT and security functions, and the rapid adoption of AI and automation by threat actors are the key cybersecurity challenges today.

To stay ahead, organisations need a hybrid-by-design approach, where security is built in from the outset alongside AI and cloud infrastructure. One key enabler of this shift is platformisation – the integration of security technologies across the organisation to help break down silos, safeguard AI initiatives and build a coordinated defence posture.

“Embedding security into AI-driven operations from the start helps ensure that organisations can stay ahead of attackers, rather than playing catch-up,” Mr Scheurmann said, referencing findings from Palo Alto Networks’ joint research with IBM.

THE RISE OF AI-ENABLED THREATS

AI has lowered the barrier to entry for cybercriminals, allowing them to automate attacks, craft convincing phishing campaigns and develop advanced malware with unprecedented ease.

In his keynote address, guest of honour Edward Chen, deputy chief executive (National Cyber Resilience) of the Cyber Security Agency of Singapore, cautioned that AI-enabled cyberthreats are accelerating in both scale and sophistication. He cited a December 2024 report by Palo Alto Networks threat intelligence arm, Unit 42, which found that large language models could generate malware variants that evade detection 88 per cent of the time. “Imagine the implications of malware that can bypass traditional security measures nearly nine out of 10 times,” he said.

Beyond known vulnerabilities – such as misconfigurations, unpatched systems and weak credentials – AI has introduced new types of cyberattacks. One example is prompt injection attacks, where adversaries manipulate AI models into exposing sensitive data or executing harmful commands.

Mr Scheurmann also flagged the surge in financially motivated cyberattacks designed to disrupt operations, with ransom demands nearly doubling in the past year. Other rising threats include the misuse of stolen data for blackmail, harassment or sale on dark web marketplaces as well as browser-based attacks, which account for 44 per cent of security incidents, according to the Unit 42 2025 Global Incident Response Report.

These developments add another layer of complexity. Organisations must navigate breach disclosures, data security laws and contractual obligations – all of which can carry significant regulatory and reputational consequences. “Without visibility into how data is accessed and shared – especially with the proliferation of AI tools – businesses can face serious challenges in compliance and the protection of sensitive information,” Mr Scheurmann emphasised.

The growing sophistication of cyberattacks is also driving up costs. Mr Andy Piazza, senior director of threat intelligence at Unit 42, noted that large-scale breaches are inflicting damage in the billions. “Threat actors – and researchers like us – are successfully leveraging AI at different stages of the kill chain,” he said, referring to the various phases of a cyberattack, from reconnaissance to data transfer. With AI accelerating every step, attacks are becoming more frequent, targeted and difficult to stop, he added.

Still, experts agree that AI is not just a weapon for attackers – it is also a powerful asset in defence. “After all, you don’t bring a knife to a gunfight,” said Mr Chen. “If cybercriminals are using AI-driven tactics, we must do the same.”

SMARTER PROTECTION WITH PRISMA ACCESS BROWSER

To stay ahead of AI-powered attacks, organisations should start their defences at one of the most vulnerable points – the browser.

From cloud-based tools to everyday communication platforms, the modern workplace runs largely on web applications. Yet traditional security often fails to protect users at the point of access, leaving browsers exposed to phishing, account takeovers, malware and malicious extensions.

Mr Simon Green, president of Palo Alto Networks Asia Pacific and Japan, shared: “85 per cent of work now takes place on the browser, with 64 per cent of browser traffic encrypted. That creates blind spots. Without the right safeguards in place, the browser becomes a critical vulnerability.”

If sensitive data in third-party applications is accessed via an AI-driven prompt, it can pose a serious security risk. To address this, Palo Alto Networks’ Prisma Access Browser delivers real-time protection directly within the browser. It proactively identifies and blocks risks as users work and collaborate across cloud apps and devices.

“In this era of hybrid work, securing the browser is more critical than ever,” said Mr Scheurmann. “Prisma Access Browser is purpose-built for this, embedding advanced features that give organisations real-time visibility and enforce access controls – no matter the device.”

The browser’s built-in data loss prevention capabilities provide granular control over actions like screen sharing, clipboard use and file transfers – based on factors such as user profile, device security status and usage context. This helps keep sensitive data secure, even in remote or bring-your-own-device environments, where employees use personal devices for work.

Through cloud infrastructure investments in Australia, India, Indonesia, Japan and Singapore, the solution is integrated into existing systems in these key markets, helping organisations strike a balance between security and productivity.

WORKING TOGETHER FOR A SAFER FUTURE

Securing the digital landscape in the age of AI takes more than just advanced technology – it requires collaboration across industries.

As part of its commitment to building a safer digital ecosystem, Palo Alto Networks is working closely with industry, government and academia. Among its initiatives are Cyber Safe Kids and tailored curricula and technical resources for universities in Singapore – aimed at equipping the next generation of cybersecurity professionals with the skills to tackle emerging threats.

Mr Scheurmann noted that cybercriminals often share tools, tactics and intelligence in a highly coordinated manner, which gives them a distinct advantage. In contrast, the cybersecurity industry has traditionally operated in silos, limiting its ability to respond effectively. “The key to combating AI-driven threats is collaboration. Governments, businesses and cybersecurity firms must work together, sharing insights, strategies and technologies to build a unified defence.”

This spirit of collaboration was a recurring theme at Ignite on Tour Singapore 2025. Echoing the call for joint action, Mr Chen stressed the importance of collective responsibility. “No single entity can secure cyberspace alone. But together, we can turn AI into our greatest advantage, not our greatest vulnerability.”

Discover how Palo Alto Networks’ Prisma Access Browser can help secure your organisation in an AI-driven world.