Artificial Intelligence (AI) has led to many breakthroughs and enhanced everyday processes, but it is also being used by malicious actors to attack businesses in more targeted and potent ways.
The implications of these attacks is staggering. Globally, the cost of cyber attacks in 2025 is expected to exceed $10 trillion, according to a report by Cybersecurity Ventures.
This calls for a change in how businesses defend themselves, as new and increasingly sophisticated threats are designed to evade conventional defences such as firewalls and antivirus software. As such, AI-enhanced attacks require equally advanced AI-powered defences, said industry experts at a recent Big Spark Dialogue session.

Based on CNA's popular business reality show, ‘The Big Spark Dialogues’ is a series of conversations on disruptive innovations between enterprise leaders, policymakers, investors and more. The discussion held on Aug 14, 2024 — led by technology research and advisory firm Ecosystm and moderated by their VP Industry Insights, Sash Mukherjee — featured speakers Joel Garcia, Head of Technology ASEAN, Amazon Web Services (AWS), and Gaurav Keerthi, Head of Advisory and Emerging Business, Ensign InfoSecurity. Mr Garcia and Mr Keerthi reflected on AI’s dual-natured role in cybersecurity and the partnership between the two companies.
THE SWORD: HOW CYBER CRIMINALS ARE USING AI
Empowered by AI, malicious actors are creating highly sophisticated, targeted attacks that are more effective than ever. For example, generative AI has made phishing, ransomware and hacktivism more accessible, even for non-programmers. Today, a cybercriminal can use a tool such as FraudGPT to generate malicious code to penetrate defences or turn to WormGPT to create phishing emails targeting businesses. “AI and generative AI are enabling these threat actors to actually act faster and on a much larger scale,” said Mr Garcia. These can also be used to quickly and automatically generate realistic-looking phishing emails and webpages, which trick people into giving away sensitive information.

According to a study this year in the United States, 60 per cent of participants fell victim to AI-generated phishing attempts, which is comparable to the success rates of non-AI-phishing messages created by human experts. “One of the areas of real concern for AI and cybersecurity is when we start to see hackers using AI to develop improved or new malware,” said Mr Keerthi. “It is a productivity tool for the bad guys just as much as it is for our own developers.”
THE SHIELD: HOW ORGANISATIONS CAN USE AI TO DEFEND THEMSELVES
The good news is that this very force that can inflict such harms can also be harnessed to create more robust defences. One way is by using AI to “force-multiply” the efforts that human cybersecurity specialists can deliver. For example, AI can quickly analyse vast amounts of data to identify patterns and anomalies that may indicate a cyber attack. This helps security teams stay ahead of attackers, reducing breach risks.
More importantly, AI does not just react; it predicts. By analysing historical data, it can forecast potential threats. Organisations can use it to identify vulnerabilities in their systems and strengthen these before hackers get the chance to exploit them.
Mr Keerthi likened such analytical and predictive capabilities to finding needles and haystacks: “It identifies anomalies that deviate from baseline trends (needles), and clusters seemingly unrelated data into meaningful patterns (haystacks),” he explained. This predictive power, combined with automation, enables security teams to expand their efforts and respond faster to emerging threats. Companies that have stuck to older traditional cybersecurity systems, Mr Keerthi warned, could be in danger as they are easier targets for attackers than those that do use it. “The faster you incorporate AI into your security apparatus, the better defended you will be,” he advised.

A PIONEER IN AI-POWERED PROTECTION
This is where Ensign InfoSecurity steps in to protect businesses. For the past few years, the company has heavily invested in research and development (R&D), establishing an in-house AI lab that has pioneered several patents and breakthroughs. By leveraging machine learning, deep learning, natural language processing (NLP) and large language models (LLMs), Ensign's innovations detect behavioural anomalies and threats invisible to conventional systems. This ongoing R&D solidifies Ensign’s position as a leader in cybersecurity, equipped to protect businesses operating in the most challenging environments.
FORMIDABLE ARMOUR IN ACTION: ENSIGN’S SECURITY SOLUTIONS
Notably, Ensign’s flagship AI-powered cyber analytics solution, Ensign Helios, has been proven in the real world to ward off attacks by detecting unusual behaviours within a network.
In September 2023, Ensign’s cyber defence solutions noticed and flagged a burst of data traffic from a client’s device, which was undetected by other rules-based cyber defences. Using AI to analyse the traffic, Ensign’s system pointed to a possible Domain Generation Algorithm (DGA) attack, a sophisticated method of disguising communication between a compromised device and a remote server.
Ensign’s AI, however, was able to identify the anomaly and the vulnerable machine among thousands of devices across multiple continents and countries. Post-incident forensic analysis was also conducted.

STRENGTHENING PROTECTION THROUGH PARTNERSHIPS
Ensign’s strategic partnerships with technology leaders like AWS further bolster its capabilities. Leveraging AWS cloud infrastructure, Ensign is able to tailor its solutions effectively for businesses of all sizes, including those with operations spanning multiple continents.
AWS’s wide range of services — including SageMaker for AI and machine learning, Elastic Kubernetes Service (EKS) for orchestration, and Elastic MapReduce (EMR) for big data processing — provide the technological backbone necessary to deliver Ensign Helios’s capabilities at scale. This allows Ensign clients to onboard quickly and securely, ensuring that critical cybersecurity measures are deployed as fast as possible.
Moreover, the AWS cloud platform enables Ensign to continuously improve its AI-driven solutions. The faster turnaround for updates and feature rollouts ensures that Ensign’s clients benefit from the most advanced and up-to-date cybersecurity technology available.
CHOOSING THE RIGHT GUARDIAN
A study by research firm Ecosystm found that 65 per cent of IT leaders in Singapore find it challenging to identify the right AI cyber solutions.
According to the firm’s VP Industry Insights, Ms Mukherjee, finding the right fit is important. Partner ecosystems streamline operations by consolidating security functions into a single platform, reducing complexity, improving efficiency and minimising human error, she noted during the panel discussion.
These ecosystems also facilitate the sharing of threat intelligence, providing chief information security officers (CISOs) with valuable insights into emerging threats and helping them make informed decisions.

PREPARING FOR TOMORROW’S CYBER BATTLES
As AI gains more traction, hackers will find new ways to weaponise it to cause serious damage to organisations. This is why it must be harnessed for enterprise protection. In the next five years, AI systems are expected to act autonomously, detecting and even repelling attacks at an early stage, said Mr Keerthi. “Today, AI flags anomalies such as unusual logins requiring a manual step to investigate or tighten login controls,” he noted. “However, we are beginning to see these processes becoming increasingly automated, with AI systems seamlessly connecting detection to corrective actions.”