Around AI in Cybersecurity: Threats, Protection, and Automation. First Block

Sergiy immediately outlined the main dilemma: artificial intelligence has already become a commonplace tool for employees, but control over its use is only forming.

Sergiy Kulyk, Regional Manager of iIT Distribution:

“If you want to engage people with any publication, just add the words ‘AI’ and ‘cybersecurity’. But behind this popularity lies a real challenge for business – the uncontrolled use of artificial intelligence by employees.”

Oleh Polihenko, CISO of Nova Group, pointed out that today the biggest risk for companies is not associated with hackers, but with the uncontrolled use of AI by employees. Nova Group actively implements artificial intelligence in logistics, customer support, and process automation. However, this leads to new challenges: employees begin to automate correspondence, client responses, or analytical tasks using public AI services.

To mitigate risks, several levels of control have been implemented in the company. The first is information security policies that regulate the use of AI. The second is the use of corporate AI solutions in a controlled environment. The third is technical tools for preventing data leaks and filtering requests to AI systems.

The key principle of Nova Group’s approach is not to prohibit the technology but to ensure its controlled use.

Yurii Shatylo, CISO at MHP, noted that in the industrial sector, the implementation of AI requires a balance between innovation and security.

At MHP, the problem of shadow AI was partially solved by developing their own models. This allows employees to work with such tools in a controlled corporate environment.

The company also monitors user requests to public AI-based services and isolates internal systems in separate network segments.

However, Yurii acknowledges that it is impossible to completely exclude the use of third-party services, as employees may work with them on their personal devices.

Maksym Yashchenko, CISO Ukrsibbank (BNP Paribas Group) emphasized that AI threats are similar across all industries. The main difference for the financial sector lies in the scale of potential losses. He stated that the main problem today is that users have started actively using AI tools without sufficient understanding of their limitations.

Meanwhile, banks are actively using such technologies for automating employee tasks, supporting contact centers, and quickly searching for information in a large number of internal policies and procedures.

Clear rules for AI use have already been implemented in international financial groups. For example, BNP Paribas even provides backup scenarios in case the relevant systems become unavailable.

Maksym identified a separate risk as the use of generative AI for writing software code, which may create new vulnerabilities or backdoors in corporate systems.

Taras Loboda, CISO Universal Bank / monobank noted that artificial intelligence is already being actively used in both cyber defense and cybercrime.

In the bank, the use of AI by employees is allowed only through corporate tools, including proprietary solutions and MS Copilot.

At the same time, artificial intelligence has significantly improved the quality of phishing attacks and allowed hacker groups to automate part of cyber operations.

Another problem Taras mentioned is the insufficient sharing of information about cyber incidents between companies. Due to the reluctance to publicly discuss attacks, businesses often do not share important information that could help other organizations prepare for new threats.

Yevhenii Kudrevych, CISO of Diia, emphasized that the use of AI in state digital services is based on international risk management standards.

According to him, the Diia platform does not store personal data but only provides access to state registers. ISO 42001 and the NIST AI Risk Management Framework standards are applied in the work, which regulate risk assessment and ethical use of AI. Yevhenii also suggested dividing AI systems into public and corporate. In the first case, there is a risk of data transfer outside the organization, whereas corporate solutions allow for data retention within the infrastructure.

A separate future challenge he mentioned is the emergence of AI agents that can access systems, work with APIs, and interact with critical infrastructure.

Yevhenii Kudrevych, CISO of Diia:

“In 2023, Gartner released a very good article that stated: business will embrace AI despite security limitations. And indeed, if we evaluate the impact on business, the use of large language models will lower business process costs and bring more revenue, security will not be able to prohibit this. Unfortunately, in the race for AI, security will always be behind.”

The discussion showed that regardless of the industry, companies face similar challenges. Artificial intelligence is rapidly becoming a standard work tool, and prohibiting its use is practically impossible.

Instead, organizations are shifting to a different model:
• creating internal AI platforms
• implementing AI usage policies
• controlling data transmission to public services
• training employees to work with new tools

At the same time, artificial intelligence is already changing cybersecurity itself. It helps automate protection but also empowers cybercriminals.

Therefore, the main task for businesses and the state today is not to restrain the development of technology, but to learn how to manage its risks while maintaining a balance between innovation, security, and efficiency.