There is no doubt that the rapid growth of the Artificial Intelligence (AI) large language models (LLMs) market has brought both new opportunities and challenges. Safety is the one most concerning issues in the development of LLMs. This includes elements like ethics, content safety and the use of AI by bad actors to transform and optimise attacks. As we have seen recently, one significant risk is the rise of deepfake technology. This can be used to create highly convincing forgeries of influencers or of those in power.
As an example, phishing and ransomware attacks sometimes leverage the latest generative AI technology. An increasing number of hackers are using AI to quickly compose phishing emails that are even more deceptive. Sadly, leveraging LLM tools for ransomware optimisation is a new trend that’s expected to increase, adding to an already challenging cyberthreat landscape.
However, we should take comfort in knowing that AI also offers powerful tools to enhance security. It can significantly improve the efficiency and accuracy of security operations. It does this by providing users with advanced methods to detect and prevent such threats.
This sets the stage for an ongoing battle where cutting-edge AI technologies are employed to counteract malicious use of the very same technology. In essence, it’s a battle of using “magic to fight magic”, where both warring parties are constantly raising their game.
The latest AI applications to boost security
Recently, we have seen a huge uptake in the application of AI assistants to further enhance security features. For example, Alibaba Cloud Security Center has launched a new AI assistant for users in China. This innovative solution leverages Qwen, Alibaba Cloud’s proprietary LLM. Qwen is used to enhance various aspects of security operations, including security consultation, alert evaluation, and incident investigation and response. By 2025, the AI assistant had covered 99% of alert events and served 88% of users in China.
Specifically, in the area of malware detection, by leveraging the code understanding, generation, and summarisation capabilities of LLMs, it is possible to effectively detect and defend against malicious files. At the same time, by utilising the inferencing capabilities of LLMs, anomalies can be quickly identified, reducing false positives and enhancing the accuracy of threat detection, which helps security engineers significantly increase their work efficiency.
The common cloud security failures businesses face today
Nowadays, a growing number of organisations are adopting multi-cloud and hybrid cloud environments, leading to increased complexity in IT infrastructure. A recent survey from Statista revealed that, as of 2024, 73 percent of enterprises reported using a hybrid cloud setup in their organisation. An IDC report also indicates that almost 90% of enterprises in Asia Pacific are embracing multiple clouds.
This trend, however, has a notable downside: it drives up the costs associated with security management. Users must now oversee security products spread across public and private clouds, as well as on-premises data centres. They must address security incidents that occur in various environments. This complexity inevitably leads to extremely high operational and management costs for IT teams.
Moreover, companies are facing significant challenges with data silos. Even when they use products from the same cloud provider, achieving seamless data interoperability is often difficult. Security capabilities are fragmented, data cannot be integrated, and security products become isolated islands, unable to coordinate. This fragmentation results in a disjointed and less effective security framework.
Additionally, in many enterprises, the internal organisational structure is often fragmented. For example, the IT department generally handles office security, whereas individual business units are responsible for their own production network security. This separation can create vulnerabilities at the points where these distinct areas overlap.
Cloud security products – a resolution to these issues
We found it effective to apply a three-dimension Integration strategy for our security products. It means that we adopt a unified approach that addresses three key scenarios. These include integrated security for cloud infrastructure, cohesive security technology domains, and seamless office and production environments.
The integrated security for cloud infrastructure is designed to tackle the challenges posed by increasingly complex IT environments. Primarily, it focuses on the unified security management of diverse infrastructures, including public and private clouds. Advanced solutions enable enterprises to manage their resources through a single, centralised console, regardless of where those resources are located. This approach ensures seamless and efficient security management across all aspects of an organisation’s IT infrastructure.
Unified security technology domains bring together security product logs to create a robust security data lake. This centralised storage enables advanced threat intelligence analysis and the consolidation of alerts, enhancing the overall security posture and response capabilities.
The integrated office and production environments aim to streamline data and processes across departments. This integration not only boosts the efficiency of security operations, but also minimises the risk of cross-departmental intrusions, ensuring a more secure and cohesive working environment.
Cloud security trends in AI era
We believe that the integration of AI with security is becoming increasingly vital for data protection, wherever it is stored. This is why we are dedicated to advancing AI’s role in the security domain, aiming for more profound, extensive, and automated applications. For example, using AI to discover zero-day vulnerabilities and more efficient automation based on Agents.
In response to the growing trend of enhancing AI security and compliance, cloud service providers are offering comprehensive support for AI, ranging from infrastructure to AI development platforms and applications. Cloud service providers can assist users in many aspects of AI security and compliance, such as data security protection and algorithmic compliance. Among them, the focus must always be on helping users build fully connected data security solutions and providing customers with more efficient content security detection products.
- AI in Procurement
- Cybersecurity