Cybersecurity is in the midst of a fresh arms race, and the weapon of powerful choice in this new era is AI.
AI offers a classic double-edged sword. A powerful shield for defenders and a powerful new tool for those with malicious intent. Navigating this complex battlefield requires a deep understanding of both the steady hands and the technology and those who abuse it.
To get a view from the forefront, AI News has caught up with Rachel James, Headmaster of global biopharmaceutical company Abbvie.
“In addition to augmenting the build-in AI that the current tool offers vendors, we also use LLM analysis of detection, observation, correlation and related rules,” explains James.
James and her team use a massive language model to sift through mountains of security alerts, search for patterns, find duplicates, and find dangerous gaps in defense before attackers can.
“We use this to determine similarity, replication and provide gap analysis,” she adds, saying the next step is to weave more external threat data. “We are trying to enhance this by integrating threat intelligence in the next phase.”
At the heart of this operation is a professional threat intelligence platform called OpenCti. This helps to build a unified image of threats from the ocean of digital noise.
AI is the engine that enables this cybersecurity effort, employing a huge amount of cluttered, unstructured text and neatly organized into a standard format known as STIX. According to James, the epic vision is to use a language model to link this core intelligence to all other areas of security operations, from vulnerability management to third-party risks.
However, healthy doses are required to harness this power. As a key contributor to major industry initiatives, James is keenly aware of the pitfalls.
“If I didn’t mention the work of the amazing group of people I’m involved in, I would repent. The basic way to understand the vulnerabilities Genai can introduce is “Genai’s Owasp Top 10,” she says.
Beyond certain vulnerabilities, James points out three fundamental trade-offs that business leaders must face.
- Accepts the risks associated with the unpredictable nature of creative but often generative AI.
- Loss of transparency in the way AI reaches conclusions is a problem that only grows as the model becomes more complex.
- Risk hype that inadequately determines the true return on investment of AI projects can easily overestimate the benefits or underestimate the efforts needed in such rapidly moving areas.
To build a better cybersecurity attitude in the age of AI, we need to understand attackers. This is where James’ deep expertise comes into play.
“This is actually my specific expertise. I have a background in cyberthreat intelligence and have conducted and documented extensive research into the interest, use, and AI development of threat actors,” she points out.
James actively tracks enemy chatter and tool development through her open source channels and her own automated collections, sharing her findings on her Cybers Jinjitbu. Her job includes getting her hands dirty.
“As a lead in OWASP’s rapid injection entry and co-author of the Red Team Genai Guide, I will spend my time developing my own hostile input techniques and maintaining a network of experts in this field,” adds James.
So, what does this mean for the future of the industry? For James, the path to advance is clear. She points to the fascinating parallels she discovered several years ago. “The cyberthreat intelligence lifecycle is roughly the same as the data science lifecycle underlying an AI ML system.”
This alignment is a great opportunity. “Undoubtedly, in terms of data sets we can manipulate, defenders have a unique opportunity to harness the power of intelligence data sharing and AI,” she argues.
Her final message provides both encouragement and warning to fellow peers in the cybersecurity world. “Data science and AI will become part of the lives of all cybersecurity professionals moving forward.
Rachel James shares this year’s insight AI & Big Data Expo Europe In Amsterdam from September 24th to 25th, 2025. Be sure to check out the second day’s presentation on “From Principles to Practice – Embedding AI Ethics on a Large-Scale.”
reference: Google Cloud announces security team AI Ally
Want to learn more about AI and big data from industry leaders? Check out the AI & Big Data Expo in Amsterdam, California and London. The comprehensive event will be held in collaboration with other major events, including the Intelligent Automation Conference, Blockx, Digital Transformation Week, and Cyber Security & Cloud Expo.
Check out other upcoming Enterprise Technology events and webinars with TechForge here.
