With the emergence of generative artificial intelligence, and the dawn of General Artificial Intelligence (GAI), we wanted to imagine scenarios for the use of AI in cybersecurity solutions by 2050.
The aim of this fantasy tale is to get you thinking about your use of AI, and to offer you some food for thought.
From machine learning to digital intuition
The year is 2049. Alexandre Renaud, Information Systems Security Manager (ISSM), is on his way to the head office of UnityRisk, a leading insurance company.
After switching on his workstation using vital and biological parameter recognition, he consults his daily security diagnostics using ALFRED (Artificial Logic for Full-spectrum Response and Enterprise Defense). This general-purpose artificial intelligence (AGI) has been designed to support him in managing cybersecurity issues.
Since the late 2040s, the notion of identity has disappeared, the password having been abandoned following the failure to develop post-quantum encryption.
To ensure user identification, AGI has evolved its notion of machine learning into digital intuition. This new capability enables artificial intelligence to make decisions in a context where some of the information required for decision-making is missing. A new paradigm that significantly increases detection thresholds, particularly through weak signals, and reduces false positives.
Digital intuition can be found everywhere, enabling the implementation of an adaptive, real-time policy for dealing with cyber threats and extortion attempts. In 2050, "alert fatigue" no longer exists, as SOC operators have been replaced by software agents developing judgment capabilities with the help of digital intuition. An answer to the recruitment difficulties facing cybersecurity professionals in the 2030s.
From the automatic configuration of network segmentation rules to the monitoring of standards and regulations, the entire enterprise information system evolves in real time, like an immune system adapting its defense mechanisms in response to new pathogens.
The human factor is no longer the driving force: its role is to guide the operation of the AGI.
Against a backdrop of climate urgency, smart cities have become the norm
Against a backdrop of climate emergency, UnityRisk's premises are hyperconnected. Temperature, air and water quality sensors, robots, drones: the company's environmental impact is continuously monitored by the French government, and must remain below a given threshold or face immediate closure.
For Alexandre Renaud, cybersecurity constraints have been joined by environmental constraints. For every cybersecurity requirement, there is an associated environmental cost that must not be exceeded.
This is why distributed edge computing infrastructures hosting artificial intelligence models have replaced water-hungry cloud-hosted instances.
Controlled by the AGI, in cold weather, this equipment in each room warms the space by the heat it generates, thus reducing energy requirements. In hot weather, these blockchain-based devices distribute the load and switch off in turn, so as not to exceed a predefined temperature indicator.
For the SSI team in charge of supervision, traceability is no longer limited to the company's human collaborators: it now integrates the machine language of autonomous equipment such as robots, drones and level 5 autonomous vehicles. Each company has developed its own standard, and the cybersecurity management platform transcribes on-the-fly into a single format the data sources received by all connected equipment.
An enlarged attack surface
The technological innovations of the last 30 years have considerably expanded the attack surface. In 2050, the new Neuralink chips will incorporate all the skills a human operator needs to operate at his or her workstation.
While higher education is no longer a prerequisite for taking up a position of responsibility, ensuring the veracity of the information imparted by the chip is a key safety and security issue for companies.
That's why quality control standards for the day-to-day behavior of company employees and service providers are now an integral part of new regulations.
Relying on surveillance cameras, AGI is able to detect suspicious behavior and notify the SSI team, with the aim of registering a compliance deviation and enabling further control.
And what if 2050 was finally tomorrow?
If our story sounds fantastic, you should know that some of these concepts are currently at work in 2024.
- Companies such as cybersecurity publisher Kaspersky are looking into the creation of a concept of cyberimmunity including a pillar called "digital intuition".
- Cybersecurity vendor Juniper is currently developing features for self-configuring computer networks using generative artificial intelligence (GAI).
- INRIA is currently working on two projects: AI@EDGE, a reusable, secure and reliable artificial intelligence, hosted in an edge computing instance as an alternative to cloud computing. And EDGE, an industrial project in partnership with Qarnot and ADEME, which aims to reuse IT waste heat to reduce the energy footprint of tomorrow's factories.
- In 2024, Elon Musk's company Neuralink has just integrated its first chip into a patient's brain, with the aim of restoring mobility to people with disabilities. Many specialists are already asking what additional capabilities Neuralink will be able to provide once its brain-machine interface is operational. One of them is to add skills to a human.
It's impossible to know what tomorrow will bring, especially in a field as ever-changing as cybersecurity. Even so, it's always useful to look ahead, and in turn to question the way we interact with AI today.