Subra Kumaraswamy at the Visa Security Summit in Dubai on Wednesday. Ahmed Ramzan / The National

Generative AI's rapid growth will make cybercriminals' jobs easier, Visa warns


Alvin R Cabral

Visa's top cybersecurity executive has sounded a warning over cybercriminals leveraging generative artificial intelligence, with the impact of the powerful and accessible technology set to be significantly felt across all industries within the next two years.

Generative AI is going to impact every function in all sectors in the next 12 to 18 months, Subra Kumaraswamy, senior vice president and chief information security officer of the US payments company, told The National.

The advent of modern technology and its broadening adoption will distinguish generative AI's expansion from previous industrial revolutions, which were specific to certain sectors, he said.

The widening, low-cost availability of the technology opens up a new, possibly more potent avenue for cybercriminals, which should put businesses on higher alert.

“Generative AI is going to be applicable to every function and industry – healthcare, financial, education, entertainment – hence the opportunity for bad actors because they can also use AI in the same way,” Mr Kumaraswamy said on the sidelines of the Visa Security Summit in Dubai on Wednesday.

“The other interesting part is that the cost of entry is very low … or you can get it for free,” he said, referring to the paid tiers offered by generative AI service providers to users.

Generative AI platforms, like any other service, vary in cost depending on their power or user specifications – from as low as Anthropic's $0.25 for a certain amount of tokens to $20 a month for the top-tier offerings from Google and the industry leader, ChatGPT maker OpenAI.

“That makes it easier for everybody to consume [generative AI] versus a supercomputer, [where] you invest billions of dollars,” Mr Kumaraswamy said.

“It's a difficult problem, because you don't know who's accessing your services … it's going to be very hard to differentiate if a person is using it for a good or ethical use – but the fact of the matter is the barrier to entry is very low.”

This means cybercriminals can potentially discover and access vulnerabilities in information technology systems, which are already at risk from increasingly sophisticated cyber attacks, he said.

Previously a smart hacker needed to spend hours figuring out how to exploit IT vulnerabilities, he said. “Now, generative AI bots can make it easier for them and make [organisations] much more targetable.”

The financial sector, in particular, is at risk. San Francisco-based Visa acknowledges that cybercriminals are leveraging generative AI to target what is already one of the most frequent and lucrative targets of illicit digital activity.

The top companies, in finance and elsewhere, need to “spend the time understanding how generative AI [can] be weaponised” against them, Mr Kumaraswamy said.

“Threat actors are also innovating. The technology, techniques and methodology that we leveraged over [previous] years may have to be rethought, especially in the advent of AI.”

The rise of AI has been meteoric, bringing with it benefits, challenges and perceived risks. Authorities have been scrambling to regulate the sector as innovations outpace existing guidelines.

The global cost of cyber crime is projected to surge to $13.82 trillion by 2028, compared to an estimated $9.22 trillion in 2024, at a compound annual growth rate of more than 8.4 per cent, data from Statista shows.

If cyber crime were a country, the 2028 figure would make it the third-largest economy in the world, behind only China and the US.

“There will be a lot more opportunities in cybersecurity as technologies evolve … the bad guys are out there trying to figure out a way to disrupt or compromise you.

“Cybersecurity is going to play a very crucial role to help the economy grow. It's the guardrail and safety net,” Mr Kumaraswamy said.

“There will be more companies that will be using AI to help their businesses get stronger in cybersecurity.

“Same thing with consumers … there will be new kinds of technologies that will eventually be able to use AI.”


Updated: April 01, 2024, 4:39 PM