AI proves its value in cyber incident recovery: CrowdStrike execs

CHICAGO – Artificial intelligence can be a powerful tool for recovery after a cyber incident and proved itself so in the wake of a software mishap last year involving cybersecurity company CrowdStrike, according to company executives who spoke Monday at the Risk and Insurance Management Society Inc.’s Riskworld 2025 conference.

Meanwhile, the evolution of AI is also providing threat actors with expanded capabilities, especially in areas such as email phishing attacks and ransomware.

“Our CEO decided legal is going to be at the vanguard of rolling out an AI for the company, and that was about a year ago,” said Ron Wills, vice president of legal for CrowdStrike.

This gave CrowdStrike “a couple months under our belt in investigating different AI use cases internally. That ended up being really handy when we needed to review tens of thousands of contracts,” he said.

What previously would have taken months and cost several million dollars in external law firm spending was done in four to six weeks at a fraction of that cost, Mr. Wills said.

“We were able to use AI to understand our contractual situation,” he said.

Adam Cottini, director of business development for CrowdStrike, said AI-generated phishing attacks have a click through rate of 54%, compared with 12% for human attacks. “It just goes to show you how AI is being used from the threat actor side,” he said.

“You’ve got warfare on both sides of AI. All of us should be thinking about it as more of a force multiplier.”