Cyber threats are real and constantly evolving, and responsible cybersecurity is looming.[1] This confluence of factors makes cybersecurity more important than ever. However, this article is not a detailed account of cyber threats or the necessity of cybersecurity. It is 2022, and I will assume you already know these realities. Instead, this article is about research, specifically how to pursue research properly, based on my experience with two different research programs at the Defense Advanced Research Projects Agency (DARPA).

The 1990s might have a lot to teach us about how we should tackle harm from artificial intelligence in the 2020s. Back then, some companies found they could actually make themselves safer by incentivizing the work of independent "white hat" security researchers who would hunt for issues and disclose them in a process that looked a lot like hacking with guardrails. That's how the practice of bug bounties became a cornerstone of cybersecurity today. In a research paper unveiled Thursday, researchers Josh Kenway, Camille François, Sasha Costanza-Chock, Inioluwa Deborah Raji and Joy Buolamwini argue that companies should once again invite their most ardent critics in -- this time, by putting bounties on harms that might originate in their artificial intelligence systems. François, a Fulbright scholar who has advised the French CTO and who played a key role in the U.S. Senate's probe of Russia's attempts to influence the 2016 election, published the report through the Algorithmic Justice League, which was founded in 2016 and "combines art and research to illuminate the social implications and harms of artificial intelligence."

The growth of myriad cyber-threats continues to accelerate, yet the stream of new and effective cyber-defense technologies has grown much more slowly. The gap between threat and defense has widened, as our adversaries deploy increasingly sophisticated attack technology and engage in cyber-crime with unprecedented power, resources, and global reach. We are in an escalating asymmetric cyber environment that calls for immediate action. The extension of cyber-attacks into the socio-techno realm and the use of cyber as an information influence and disinformation vector will continue to undermine our confidence in systems. The unknown is a growing threat in our cyber information systems.

From improving customer service to automating work processes and providing predictive analysis, artificial intelligence (AI) is transforming the way organisations operate. AI is also bringing significant advantage to cybersecurity in uncovering vulnerabilities and responding to threats. Security correspondent Daniel Bardsley speaks to Paul O'Brien, Director of AI, Service, Security and Operations Lab Applied Research, BT Technology and Professor Nader Azarmi, Emirates ICT Innovation Centre (EBTIC) director and head of BT Global Research Centres to discuss how advancements in AI spells the future of security in the Middle East. There is no shortage of money being invested in cybersecurity research as the threats from attackers appear to grow. Microsoft, for example, spends more than $1 billion annually in cybersecurity research and development, with the firm having said that the amount is increasing as activity migrates to the cloud.