How Artificial Intelligence Is Transforming Security

AI in the Hands of Hackers

News |
Share

As artificial intelligence continues to revolutionize how we work and solve problems, it’s also transforming how cybercriminals operate. For security teams, this means one thing: adapt quickly or fall behind. 

At Samlink, Chief Information Security Officer Christian Eichin is watching the shift closely.

“We’re seeing a significant change. AI is now a real threat vector. It lowers the threshold for attacks and makes them faster, more scalable, and more difficult to detect.”

Smarter, Faster Phishing

The rise of generative AI has made phishing more dangerous than ever. Attackers no longer need perfect English skills or weeks of planning to launch convincing campaigns.

“AI is used to personalize phishing content at scale. It creates emails with perfect language, tone, even formatting, making them harder to spot.”

AI-generated phishing can target individuals based on their digital footprint, crafting messages that feel familiar and trustworthy. Deepfake audio and video are also entering the picture, making social engineering even more deceptive.

While phishing is a front door, AI is also probing the back. Code-level attacks powered by AI are no longer theoretical.

“There are tools that use AI to scan software for vulnerabilities and generate potential exploits. They’re getting better at mimicking what a skilled attacker would do.”

Although these tools aren’t fully autonomous yet, they significantly accelerate the process for bad actors. In the wrong hands, they lower the barrier to entry for advanced cyberattacks.

Defensive AI is Shutting Fire Off with Fire

With attackers using AI, defenders must do the same. But it’s not just about automation. It’s about smarter, faster detection and response.

“We already use machine learning for anomaly detection. It helps us recognize unusual behavior that traditional tools might miss.”

Christian emphasizes that AI is becoming a standard part of cybersecurity defense. However, it’s not a silver bullet.

“AI supports humans. It doesn’t replace critical thinking or accountability. At Samlink, we combine AI tools with strong human expertise.”

Samlink’s strategy is deeply aligned with Kyndryl’s cyber resilience philosophy. Real resilience is built into the organization, not layered on top. This includes working hand-in-hand with customers to design and evolve their defenses.

Kyndryl refers to this as “co-created resilience”, partnering with clients to tailor systems that suit their environment, risks, and maturity. For both Samlink and Kyndryl, cybersecurity is not a silo, but a fully integrated part of business operations.

Their approach also includes continuous control monitoring, a method for automating oversight across systems to detect anomalies early, reduce risks, and optimize response. It’s not just about reacting to threats, but embedding security into the very fabric of infrastructure.

“This isn’t something we solve once,” Christian says. “It’s an ongoing process. But we’re committed to staying ahead of the curve because that’s where resilience begins.”

Regulation, Ethics, and Trust

One growing concern is the open availability of powerful AI tools. While many are created for good, they can also be misused.

“Some of these open-source models are very capable. There’s a real discussion needed about access, regulation, and ethical use, especially for models that can generate malware or help evade detection.”

At the same time, organizations must manage their own use of AI responsibly.

“You have to know what models you’re using, how they behave, and where the data goes. It’s not just about functionality, it’s about trust.”

Christian expects the AI-driven threat landscape to grow more complex, and the use of AI on both sides to intensify.

“We’ll see more autonomous tools used by attackers. And also more collaboration between cybersecurity teams and AI systems. The next 1–2 years will be critical.”

Samlink continues to refine detection strategies and strengthen its security frameworks to remain ready for what’s next. Cyber resilience is not an afterthought, it’s something you build into the system from the start.