2025: Crisis Management Days Book of Abstracts
Communication and Innovative Technologies for Crisis Management

The role of AI in information and cyber security management

  • Silvana Tomić Rotim,
  • Josip Kutnjak
Silvana Tomić Rotim
University of Applied Sciences Velika Gorica, Zavod za informatičku djelatnost Hrvatske d.o.o.
Josip Kutnjak
University of Applied Sciences Velika Gorica

Published 2025-05-14

Keywords

  • Artificial Intelligence,
  • Information Security,
  • Cybersecurity,
  • Machine Learning,
  • Threat Detection

How to Cite

Tomić Rotim, S., & Kutnjak, J. (2025). The role of AI in information and cyber security management. Crisis Management Days. Retrieved from https://ojs.vvg.hr/index.php/DKU/article/view/672

Copyright (c) 2025 Author

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Abstract

Introduction

In an era of rapid digital transformation, information security has become a fundamental concern for corporations, governmental institutions, and private entities. The exponential growth of data, the expansion of the Internet of Things (IoT), and the increasing complexity of cyber threats necessitate advanced security mechanisms. Artificial Intelligence (AI) is playing an increasingly crucial role in identifying, preventing, and mitigating cyber threats by leveraging machine learning and deep learning techniques to detect anomalies and automate security responses.

This paper explores the integration of AI into information security management, focusing on threat detection, automated response mechanisms, security policy adaptation, and compliance with global security standards such as ISO/IEC 27001. AI-driven systems enhance cybersecurity strategies by predicting potential attacks, identifying vulnerabilities, and enabling real-time responses to security incidents. The study highlights AI's contributions to risk assessment, security protocol optimization, and the implementation of intelligent defense mechanisms.

Through different case studies, the paper illustrates how AI is revolutionizing cybersecurity frameworks, offering organizations proactive and adaptive security solutions. As AI continues to evolve, its role in information security is expected to expand, shaping the future of autonomous security systems capable of independent threat assessment and mitigation.

Methodology

The methodology of this paper is based on a comprehensive review of scientific literature, case studies, and practical implementations of artificial intelligence (AI) in information security management. A qualitative research approach is adopted, focusing on theoretical analysis and real-world applications to assess the effectiveness of AI-driven security mechanisms.

  • Literature Review – The study begins with an extensive analysis of existing research, academic papers, and industry reports related to AI in cybersecurity. This review identifies key trends, challenges, and opportunities in the field.
  • Comparative Analysis – Different AI techniques, including machine learning, deep learning, and automated security protocols, are compared based on their efficiency in identifying, preventing, and mitigating cyber threats.
  • Case Studies – The research includes real-world examples from industries such as finance, healthcare, e-commerce, and telecommunications to illustrate how AI is transforming information security.
  • ISO/IEC 27001 Compliance Analysis – A detailed examination of how AI can support compliance with international security standards, focusing on risk management, policy adaptation, and automated security responses.
  • Future Perspectives – The study concludes with a discussion on the future role of AI in cybersecurity, emphasizing potential advancements, ethical considerations, and challenges that need to be addressed.

 

Results

This study aims to provide a comprehensive understanding of the role of Artificial Intelligence (AI) in information security management, identifying its benefits, challenges, and future implications. The expected outcomes of this research include:

  1. Enhanced Understanding of AI in Cybersecurity – A detailed analysis of how AI technologies, including machine learning and deep learning, contribute to threat detection, attack prevention, and automated security responses.
  2. Identification of Effective AI-Based Security Measures – Insights into the efficiency of various AI-driven security mechanisms, helping organizations implement advanced solutions tailored to their specific needs.
  3. Evaluation of AI’s Role in ISO/IEC 27001 Compliance – A clear assessment of how AI supports organizations in meeting international security standards, focusing on risk assessment, policy enforcement, and automated compliance monitoring.

Case Study Analysis and Practical Applications – A review of real-world implementations of AI in different industries (finance, healthcare, e-commerce, telecommunications), demonstrating its impact on cybersecurity frameworks.

References

  1. Direktiva (EU) 2022/2555 Europskog parlamenta i Vijeća od 14. prosinca 2022.
  2. Zakon o kibernetičkoj sigurnosti od 26.1.2024.
  3. ISO/IEC 27001:2022 Informacijska i kibernetička sigurnost i zaštita privatnosti, Sustav upravljanja informacijskom sigurnošću – Zahtjevi
  4. Zhang, Z., Ning, H., Shi, F. et al. (2022). Artificial intelligence in cyber security: research advances, challenges, and opportunities. Artif Intell Rev, 55, 1029–1053. https://doi.org/10.1007/s10462-021-09976-0
  5. Mughal, A. A. (2018). Artificial Intelligence in Information Security: Exploring the Advantages, Challenges, and Future Directions. Journal of Artificial Intelligence and Machine Learning in Management, 2(1), 22–34. https://journals.sagescience.org/index.php/jamm/article/view/51
  6. Hashmi, E., Yamin, M. M., Yayilgan, S. Y. (2024). Securing tomorrow: a comprehensive survey on the synergy of Artificial Intelligence and information security. AI Ethics. https://doi.org/10.1007/s43681-024-00529-z
  7. Abbas, N. N., Ahmed, T., Shah, S. H. U. et al. (2019). Investigating the applications of artificial intelligence in cyber security. Scientometrics, 121, 1189–1211. https://doi.org/10.1007/s11192-019-03222-9
  8. Jada I., Mayayise, T. O. (2024). The impact of artificial intelligence on organisational cyber security: An outcome of a systematic literature review. Data and Information Management, 8 (2), 100063. https://doi.org/10.1016/j.dim.2023.100063
  9. https://digital-strategy.ec.europa.eu/hr/policies/regulatory-framework-ai, 15. 2. 2025.
  10. https://www.iso.org/standard/27001, 15. 2. 2025.