PwC: Why AI is Transforming Enterprise Cybersecurity

AI has transformed how businesses work, boosting creativity and productivity, adding strategic value and making the vast amounts of enterprise data across a network more valuable. 

That added value, however, turns much of what AI improves into a prime target for hackers and malicious actors. 

In particular, the rapid adoption of AI and Gen AI solutions creates concerns for businesses around the privacy and security of stored information, access to enterprise data and the misuse of technology. 

It’s also increasingly being used to launch far more sophisticated and complex attacks that traditional network security solutions like firewalls can’t defend against.

In this context, businesses must focus on thoroughly understanding the risks and opportunities of AI adoption, and ensure they have the appropriate preventative measures in place for deploying AI solutions across their network. 

PwC’s Senior Manager of Cybersecurity & Digital Trust, Pouya Koushandehfar, says companies should take a Zero Trust approach to deploying AI as a ‘must-have strategy’.

Combining AI and Zero Trust 

Hybrid working models have broadened the attack landscape for actors looking to exploit companies.

Adopting a Zero Trust approach provides a strong foundation for protecting modern and disparate digital assets, Pouya explains.

“At its heart, Zero Trust matches well with AI's focus on data and ability to adapt,” he writes.

“AI works best when high-quality data gets classified, encrypted and continuously monitored — goals that Zero Trust aims to achieve

Combining AI and Zero Trust brings benefits in several areas. For example, the level of automation provided by modern AI solutions can help accelerate Zero Trust principles across the enterprise, particularly around real-time threat detection and identifying and organising data. 

Also regarding data, AI is able to analyse and identify trends, clues and insights that can pinpoint potential breaches, thus improving security policies. 

Pouya highlights how the continuous verification and adaptive policies at the heart of Zero Trust can evolve alongside AI adoption and deployment, to ensure the two can tackle new and emerging threats together.

How AI enhances threat detection

Deploying AI as part of a company’s security posture allows for a continuous and evolving security posture, says Pouya.

He says: “As cybersecurity evolves, we need to make sure that access isn't just a one-time check but an ongoing process. 

“By integrating AI with continuous user authentication, companies can monitor user behaviour in real-time and adjust security rules based on changing risks.

“This approach ensures that every access request is verified as it occurs, reducing the likelihood of unauthorised access — even if someone has stolen login credentials.”

Hybrid working environments present a particular risk to modern businesses. Employees accessing networks and potentially sensitive data from disparate locations and devices requires a greater focus on monitoring behaviour and network activity to ensure a more proactive security posture. 

AI can deliver this thanks to its advanced algorithms and real-time analysis capabilities. Having this level of visibility ensures security teams can identify and act on vulnerabilities quickly and more effectively. 

How to rollout AI and Zero Trust

Pouya and PwC say that bringing together AI and Zero Trust in complex digital environments is essential. 

Key measures to ensure this approach is effective include working to a shared responsibility model. 

“To secure applications and assets, teamwork is essential,” Pouya says.

“Both the company and its tech providers must clearly define and understand their responsibilities on adoption of technologies.

“This ensures every part of security — from how data is managed, to keeping models accurate in AI-based apps — remains effective and fit-for-purpose.”

Other priorities include data classification and governance, as well as a continued focus on training and developing a robust security culture. 

On data classification, Pouya reiterates that the foundation of effective AI is built on good quality and safe data, recommending companies create strong data classification protocols and controls across data environments. 

While this may present challenges for organisations on their AI and Zero Trust journey, including related to legacy systems and evolving threats, Pouya says that “the strong synergy between AI and Zero Trust presents a compelling vision for the future of enterprise cybersecurity”. 

He concludes: “As AI continues to reshape business operations and mitigate cyber risks, adopting a Zero Trust approach with explicit verification and AI-powered threat intelligence ensures that security remains a priority — not an afterthought. Instead, it becomes an integral part of your strategy, staying one step ahead of emerging threats.”

Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today.

Cyber Magazine is a BizClik brand