Security in The Time of AI

Security in The Time of AI

As security risks rise, AI has a key role to play there to help identify threats instantly and reduce downtime. AI can do things much faster than human teams, in a timely manner. So investing in AI allows companies to keep a lean security function and keep those costs down. But on the flip side of those opportunities, there are some threats and the buzz around it isn’t without apprehension, says Toby Alcock, CTO, Logicalis.

Most CIOs are worried about AI threatening their core business propositions and concerned about challenges of effectively regulating AI use internally. There’s been a lot of media recently around governing and controlling AI. Discussions are also happening on how do CIOs can avoid putting data out into the public domain, in these larger language models.

We have seen that most CIOs have kicked off processes to formalize those policies, but it is pretty early days and it does feel a bit wild west at the moment.

We are also seeing the threat actors leveraging AI to make better attacks, more automated, more targeted, more precise. And so, about 83% of the respondents in our survey said that they’ve endured a cyber-attack in the last 12 months, which had significant business consequences. With that level risk, it’s little wonder that they’re operating in this state of hypervigilance at the moment.

The CIO Preparedness

Every organization has to accept that they’re going to experience a cyber breach at some point and be prepared for that scenario. I think preparation is key.

Even though is a pretty sobering thought and fairly jarring for the traditional technology purists, being digitally resilient isn’t about never being breached. It’s just about recovering quickly and cleaning and moving from a disaster recovery approach to business continuity.

We talk about operating in a zero trust model now that acts on the assumption that every device is trying to access data. Which is why we are now limiting the access to the users and the data to bare necessities. It is termed a blast radius, designed to limit the impact that these threats can have if you are breached. So in that model, even if one device is breached, Zero Trust helps to ensure there’s no knock-on effect in going on the rest of the business. This way you can limit the damage caused.

So being prepared and assuming that you’re operating in a breached environment, really helps to hone that focus on limiting the blast radius, essentially ensuring limited impact. But we can also leverage AI to fight AI. We can plan for that by analyzing copious amounts of data and comprehensive overview of every vulnerability in the platform. But this is still a challenge. In this year’s survey, we see 43% of CIOs still feel that their business is completely prepared. So less than half say that they’re completely prepared to handle another major security breach, even though more than 80% have had a breach. And even those who are saying who are completely prepared do not know where it’s going to come from next or how it’s going to look. You have to just   assume it’s going to come anywhere at any time.

At the same time, the job of innovation also falls on the CIOs! So they have to navigate that landscape in which they are required to innovate, do better things with the available technology – all the while trying to fight the cyber threats-  and also compete in the market. How do they navigate this minefield?

Also read: Enhancing Cybersecurity with AI Tools

The CIOs have a really complex role to play here, but I believe that they’re well-placed for it today. With more business and boardroom visibility than ever before, they have a great opportunity here. Also, today, CIOs really do understand the momentous stakes that are at hand here.

Ultimately, CIOs, modern IT leaders need to be able to speak a common language with their stakeholders and give them answers to the questions they’re asking, such as are we getting the maximum value out of our technology platforms? Has the digital performance, has a user experience because that’s impacting attraction and retention? These are super relevant conversation at the moment, particularly in the economic climate we have today. These decisions will also be impacting our revenue on these platforms.

The questions that they have are very different form the ones they used to face. The questions coming to the CEO and the CIO are now- what’s the carbon impact and what’s the energy efficiency of these solutions? I think that’s our real opportunity by moving our conversation from speeds and feeds of technology to these business outcomes. The IT leaders can have a much, much greater impact, and really significantly increase their business value.

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.