In less than a decade, the Cybersecurity industry essentially teleported from protecting a tangible perimeter and edge, to securing several micro-perimeters, while grappling with the practical application of Artificial Intelligence, Machine Learning, and Automation. As it stands, these capabilities are being leveraged by both attackers and defenders. It is our opportunity to not only use them to power business, but to give them a decisive purpose for good.
During a recent webinar, we took this question to our participants. In Navigating the Cybersecurity Landscape: Insights Beyond the CISO Survival Guide, audience members were polled about what they perceived as the biggest challenge in adopting AI, ML, and Automation in a security context. More than half suggested ensuring data privacy and protection were their biggest concerns.
Artificial Intelligence in Cybersecurity has Two Key Points
The main question we must ask ourselves when dealing with AI in security is: How do you enable it? The second, and only slightly behind, is: How do you secure the AI? Here’s just some of what our panelists had to say, in their own words. You’ll have to catch the webinar for the rest.
Prasad Parthasarathi
Senior Director, Cisco Investments
Enabling and securing AI and ML technologies comes down to three core pillars.
Asset Management | Know your assets. Asset visibility and asset management is the foundation of future security initiatives. And by assets, we are talking about network, user, devices, application, and data.
Policy Enforcement | Once you know your asset inventory, set policy around each asset. Then, anytime there's a deviation from this policy, investigate and prioritize between anomalous and malicious behaviors.
Breach prevention | For malicious activity, immediately turn to breach prevention. The goal is to reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR).
Generative AI plays a significant role across these layers. With GenAI, you can enable security policy rollouts and updates across entities. For example, Cisco recently announced the Cisco AI Assistant for Security. This includes the AI Assistant for Firewall Policy, where administrators can use natural language to discover policies and get rule recommendations, eliminating duplicate rules, misconfigured policies and complex workflows with increased visibility as well as accelerated troubleshooting and configuration tasks.
As for securing AI, we have our work cut out for us. Tools like ChatGPT have democratized AI models for all users, and bad actors aren’t afraid to leverage its powerful capabilities. Now, we have to set up firewalls around the AI models themselves and specifically secure them against data contamination and DDoS attacks. And yet, robust, AI-driven intelligence can also help with that, as it understands every AI-ML model, matches patterns, and embeds software development kits (SDKs), enabling you to manage next-generation firewalls.
Morgan Kyauk
Managing Director, NightDragon
I see a lot of potential at the intersection of AI and security enablement. The fact that we are able to take massive amounts of data, apply artificial intelligence to that data, and glean insights from it in an automated way is evidence alone. AI-driven chat interfaces also go a long way to simplify the process of engaging with security products, which can be an overly complex process. Artificial Intelligence has also made huge strides in automating the management and integration of multiple security technologies, a task that has always come with a fair bit of challenge. And lastly, one of the key pain points we hear from CISOs is the ability to hire and retain cybersecurity talent. By automating small security tasks, AI is helping to offset the burden of the cybersecurity skills gap.
Amir Zilberstein
Managing Director, Team8
I'll first start with an observation. At least in its current state, I think AI is, and will be leveraged by defenders more than by attackers. Despite the hype, to date, we haven't seen any noteworthy AI-based attacks other than craftier phishing schemes. However, we'll probably see these coming soon.
I agree that we’ll continue to see AI and Generative AI closing the cyber skills gap, at least for more basic-level capabilities. We'll see both the co-pilot and the auto-pilot approaches; “AI defenders don't get tired,” “They're relentlessly consistent,” and so on. On the other side, because organizations all over the world are incorporating AI into their businesses, the attack surface will inevitably and exponentially increase and nigh spread. To prepare against the ubiquity of those AI-driven threats, we need to be excellent at managing adversarial inputs, enforcing access control to information, and so much more.
Watch the Webinar
These discussions only begin to scratch the surface of how AI can be wielded to its maximum-security potential. Some of these answers we know. Others, we are finding out along the way. We are genuinely excited to be on the razor's edge as the security industry uses AI, ML, and automation to protect our enterprises at a level previously unimaginable.
For more insights, watch a Navigating the Cybersecurity Landscape: Insights Beyond the CISO Survival Guide.