Cybersecurity Needs a Rethink in the Age of AI and Quantum Computing

The advancement of artificial intelligence (AI) and quantum technology is demanding a fundamental change in cybersecurity. Analysts say that the increasing speed and scale of attacks are pushing existing defense systems to their limits. AI is lowering the barrier to entry for cyberattacks. Cybercriminals are leveraging AI to automate everything from reconnaissance to ransomware attacks, increasing the speed of attacks. In particular, generative AI can be used to create tens of thousands of personalized phishing emails in seconds, enabling large-scale social engineering attacks. There are also cases of bypassing security defenses by accessing voice cloning software at a low cost. Agent AI further amplifies the risk of cyberattacks through systems that autonomously reason, act, and adapt. Approximately 74% of cybersecurity professionals say that AI-powered threats are already significantly impacting their organizations, and 90% expect these threats to worsen in the next 1-2 years. Quantum computing is also a threat that cannot be overlooked.

If developed without control, it has the potential to neutralize current encryption standards. Quantum algorithms can solve mathematical problems that underlie modern encryption such as RSA and Elliptic Curve. Peter Bailey of MIT Technology Review Insights warned that "quantum is coming and will force a change in all data security methods, including government, communications, and financial systems." He also emphasized that "most organizations are focused on the immediacy of AI threats, but quantum technology should not be overlooked either," and that "it is important to invest now in defenses that can withstand AI and quantum attacks." A 'zero trust' approach is presented as a solution to this. Zero trust implements continuous verification on the premise that users or devices cannot be inherently trusted. This enables continuous monitoring and helps detect and resolve vulnerability exploitation attempts in real time. Peter Bailey argued that "AI-based adversaries have advanced technology and operate at machine speed," and that "using AI to automate responses and defend at machine speed is the only way to go." He added that "systems, platforms, and security operations must be modernized to automate threat detection and response." Furthermore, companies need to strengthen the security of AI models and data to reduce exposure to manipulation by AI-powered malware.