METHODOLOGICAL PRINCIPLES OF ASSESSING THE IMPACT OF ARTIFICIAL INTELLIGENCE ON THE INFORMATION SECURITY OF MANAGEMENT SYSTEMS OF ENTERPRISES

Kostiantyn Zavrazhnyi; Anzhelika Kulyk

doi:10.32782/2786-765X/2024-7-10

Kostiantyn Zavrazhnyi Sumy State University https://orcid.org/0000-0002-0408-0269
Anzhelika Kulyk Sumy State University https://orcid.org/0009-0009-0743-8973

DOI: https://doi.org/10.32782/2786-765X/2024-7-10

Keywords: cybersecurity, enterprises, artificial intelligence, cyber resilience, cyber threats

Abstract

The study focuses on the urgent problem of ensuring cybersecurity of modern enterprises in the context of the widespread implementation of artificial intelligence (AI) technologies. Given the growing number and complexity of cyberthreats, the authors analyze in detail how AI can be an effective tool for detecting and countering cyber threats, as well as the challenges associated with its use. The article discusses adversarial attacks, data poisoning attacks, and the use of deepfake technologies as tools for manipulation in cyberspace. The authors propose a modern approach to assessing cyber risks based on a modification of the GRS method, which allows classifying information assets of enterprises by level of vulnerability and developing effective protection strategies based on identification of cybersecurity priorities. The practical application of the proposed approach is demonstrated in a case study using the Google Drive platform as a example. The research uses generative artificial intelligence model Gemini, which allows identifying weaknesses in security systems, analyzing potencial risks and providing recommendations for eliminating vulnerabilities. Along with the benefits of AI implementation, such as automation of monitoring processes, analyzing big amounts of data in real time and predicting potencial threats, the study identified a number of challenges. In particular, the complexity of configuring and maintaining systems, the need for specialized knowledge to support them, the problem of algorithm transparency, and the risks of manipulation and attacks by intruders. The authors emphasize the importance of staff training for work with AI systems, including both technical knowledge and understanding of cyberspace risks. The need to develop clear policies for the use of these technologies is particularly emphasized. The study findings confirm that artificial intelligence can significantly improve the cybersecurity of multidisciplinary enterprises, but it requires a comprehensive approach. For effective use of the technology, the authors recommend improving attack detection algorithms, integrating ethical principles into the operation of systems, and developing strategies for the long-term development of enterprise cyber resilience.

References

GenAI in Cybersecurity: Friend or Foe? Report Voice of SecOps 2024. Deep Instinct. Available at: https://info.deepinstinct.com/voice-of-secops-v5-2024?_ga=2.90597402.180254519.1732114564-1531014459.1732114564

Shankarapani M., Ramamoorthy S., Movva R. et al. (2011) Malware detection using assembly and API call sequences. J Comput Virol, vol. 7. DOI: https://doi.org/10.1007/s11416-010-0141-5

Das R. & Sanndhane R. (2021) Artificial intelligence in cyber security. Journal of physics: conference series, vol. 1964. DOI: https://doi.org/10.1088/1742-6596/1964/4/042072

Dvorskyi V., Ponomarenko M. & Verkhusha O. (2024) Innovative strategies for increase competitiveness of companies in the digital era: from market analysis to implementation of technologies. Economic Synerge», vol. 3. DOI: https://doi.org/10.53920/ES-2024-3-7

Nakrekanti M. & Polisetti R. (2024) Exploring artificial intelligence in cybersecurity within the Industry 4.0 framework: a comprehensive survey. Journal of Engineering Sciences, vol. 15 (04). DOI: https://doi.org/10.15433.JES.2024.V1514.43P.232

Mubarakova S., Amanzholova S. & Uskenbayeva R. (2022) Using machine learning methods in cybersecurity. Eurasian Journal of Mathematical and Computer Applications, vol. 10 (1). DOI: https://doi.org/10.32523/2306-6172-2022-10-1-69-78

Radanliev P., De Roure D., Walton R. et al. (2020) Artificial intelligence and machine learning in dynamic cyber risk analytics at the edge. SN Applied Sciences, vol. 2 (11). DOI: https://doi.org/10.1007/s42452-020-03559-4

Heather C. & Magramo K. (2024) Finance worker pays out $ 25 million after video call with deepfake ‘chief financial officer’. CNN World. Available at: https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html

Zavrazhnyi K. & Kulyk A. (2024) Modern business cybersecurity challenges and the role of artificial intelligence in countering threats. Economic bulletin of National technical university of Ukraine «Kyiv polytechnical institute», vol. 30. DOI: https://doi.org/10.20535/2307-5651.30.2024.313042