Artificial Intelligence in Cybersecurity: A Comparative Review of Its Role across the Cyber Kill Chain

Abstract

The adoption of Artificial Intelligence (AI) in diverse fields and the proliferation of interconnected devices have led to the emergence of highly sophisticated cyberattacks today. This new reality has compelled organisations to align their security policies by adopting cybersecurity frameworks. These frameworks provide organisations with models and methods for effectively managing digital security risks by promptly detecting and mitigating cyberattacks. The Cyber Kill Chain (CKC) decomposes cyberattacks into 7 phases, which cyber defenders can rely on when developing threat-informed strategies to mitigate cyberattacks. This paper presents a comprehensive overview of the CKC, highlighting the role Artificial Intelligence plays across each phase in terms of offensive and defensive cybersecurity operations. A comparative analysis of 3 cybersecurity frameworks, with justifications for each, was also examined. Drawing on real-world case studies and recent literature, this study further highlights current challenges with the fusion of AI into cybersecurity operations, ranging from data privacy, adversarial attacks, and AI explainability. The review concludes by advocating for the adaptation of dynamic, AI-driven modelling frameworks that better align with the rapidly evolving cyber threat landscape.