AI is versatile and will certainly continue to be a threat as well as a salve. But there may be other, more dangerous tech to watch out for, as far as security is concerned, says Chloe Burton, security consulting manager at Accenture.
Is AI a double-edged sword for cybersecurity, or does it expose or secure businesses from significant threats? Expose or secure, expose and secure. How can CISOs use this technology to make their cybersecurity posture resilient? And what strategies can businesses embrace to stay secure from the risks exposed by the use of AI? What do you have to say about that?
Chloe: Yeah, for sure. Yeah, most definitely a double-edged sword. And I think as I kind of answered the remaining parts of that question, it’s going to be the theme of the helpful and the harmful. And I think it is something that probably won’t be a shocker to hear. One of the use cases I typically come across is when we talk about phishing emails. With AI and the likes of the chat GPTs out there, right, and someone going create a malicious mail using Chat to UBT or AI,
Obviously, those bounds around the platform say we can’t do that. However, in the same vein, if you go in and create an email that looks like an invoice and it has urgency. It can create that because there are no bounds to the AI. So again, the helpful and the harmful part of it and how that’s disrupting the cybersecurity industry.
This month of awareness we work with is about how you utilize AI to keep secure; it is about what you can use it for and what you should use it for. And then also how can it be helpful in understanding if we’re talking about what’s happening?
AI doesn’t have what we humans have: that consciousness, morals, and ethics we understand. We can see from the peripheral what’s happening here. AI is just outputting, though, in a more intelligent way. So yeah, I think the strategy around that is the awareness- teaching your security practitioners how to utilize it and your end users. That human layer will be very intriguing as we go into the future.
Like how humans are going to interact with intelligence. And so as much as you can train and have your users aware, it’s going to be crucial and beneficial for, I think, executives across the board at any organization, any size, because its AI has been so embedded in all applications today. Some of our major vendors and players, and they’ve embedded this into our everyday lives and how we’re using it.
AI is certainly a double-edged sword for cybersecurity. AI doesn’t have what we humans have: that consciousness, morals, and ethics we understand. The strategy around that is awareness- teaching your security practitioners and end users how to utilize it.
So, are there any pitfalls in integrating a zero-trust network architecture? And how can businesses ensure a successful zero-trust network architecture implementation?
Chloe B.: Yeah. So, I’m sure they don’t think any deployment or implementation of any software architecture will encounter those. I think rather than pitfalls, I’d probably say the complexities behind it, which lead to pitfalls. I used AI to ask what the other trust network architecture is. So they explained it in a great way about, you know, if you’re trying to get into a clubhouse and before you got in with just saying your name, but now with zero trust, it’s at the same my name and then something like a passphrase or a secret answer.
And so, that added complexity is something that I will encounter as an end user. So, if you think about it from the view of developers engineering that architecture, it’s really about how one technology talks to another technology and that complexity layer involved.
And if you don’t get that right, you can fall into a pit. Right. I’m kind of what that will cause and the disruption it could cause. And then I think on top of that, right, I can imagine me not having access to something I think I should have access to.
And now, I don’t understand why I have to be logged out to be repeatedly re-verified. And that’s just a frustrating point, again, that human layer.
So, as organizations think about how to construct the Zero Trust architecture, it’s a lot of planning, designing, and thought, meaning that that’s something I’ve got across the board you should do out of the box.
Zero Trust is great, but after defining what you are trying to secure and understand based on your business and the priorities of the business.
What are we trying to ensure that we’re protecting against those needing access, right? What do they need to get into? Do they need to be in all these different places? So, mapping that out and understanding the user destination, right?
Chloe: What’s the purpose, the intent? And then, as you go through that, you think about just as a typical architect building a house, you start to build that out and understand all your different intricacies.
A proper thought process will be critical to ensure that while you’re demystifying the complexities, it’s still going to be there, but it’ll be easier to traverse.
What strategies would you suggest for enterprises to streamline and enhance their security information and event management?
Chloe: From what I’ve seen, organizations usually don’t have the benefit of getting a greenfield platform. Most of the time, you’re inheriting a platform. So, I would love the data to have a Greenfield environment and streamline that.
But I think it will take planning, thought, and concern if we’re thinking about it from whether we’re in between or at the beginning. I think with some platforms, the sensitivity of what you’re putting in there, it should all be very security-relevant
Just let’s make sure what we’re putting is valuable and relevant because then it’ll all be garbage in, garbage out.
So again, back to what the business is looking for. What are we protecting? What are we ensuring that, you know, what is the risk we’re taking if we assume breach, right? If that does happen, how is this platform going to help us? Do we have the proper sources in there? Right.
I’m sure we have those typical five to 10, the box list, your network, your identity, your cloud, and some things you know should already be there. But is it all commingling and doing what it should be doing? And again, third time planning, right? Understanding that. And I think once you have that full-picture view, that should hopefully streamline it. And I think over top of that, the governance overlay, right?
What can businesses accomplish as a cyber-resilient security posture? Are there any other tools and technologies that you think can help you? You know, up and coming, maybe they will come into the full force over the next eight, 10, 12 months.
Chloe: There are a few questions: How many different tools do you use? How do you think about it? Do you believe in the same kind of tools?
AI and machine learning are just embedded in our stacks. But I think something else within the secure operations space that is beginning to have a bit more traction, I think it’s been around for a bit, is the automation.
The efficiency and effectiveness will remove those mundane tasks from some of your analysts and just your conversations in general. And we don’t have to focus just on one tool. The conversations will be going forward – how can we automate and embed? That is going to be something we’re going to see more of.
And it’s funny to say this, but a few years ago, many clients were journeying to the cloud; what’s happening? Now we’re there. The journey hasn’t stopped, though, right? Because we’re still understanding the cloud infrastructure, the architectures, and how adversaries can get past those defenses within the cloud versus the on-prem environment.
I’m making sure that we’re accounting for that. I think we are on some of the advanced side and something like quantum computing. The encryption behind that even goes alongside Blockchain.
So, thinking about all that and how that will get ingested in the data, we can get out of that and again, thinking about the security around that, or how it will help the security. And then the internet of things, IoT, that is everywhere. And it’s constantly listening.
Just the sensitivity of all data going there- I’m sitting in my workspace, in my home, and talking to clients about their stuff, and I can’t have that happen if just Alexa listens to my conversations with my clients! The snowball effect it could have is phenomenal. It ties in something I didn’t think about until this moment: how that ties into your stationary environment at home and your vehicles. That is going to be very interesting.
You know, Tesla came out, and we were all super excited, but then it’s like, well, wait a minute, a little computer is driving our cars, and computers are really what we try to secure.
So I think just being cyber resilient and breaking it down, Resiliency is just that bounce back, right? Cyber resiliency is making sure after you go through any incident or attack. You can come back online.
What do we have in place? Why is it there? The technology we have to help us recover because minimizing that downtime is the biggest part of being resilient.
Please have your backups. That’s crucial. Your plans, DRPs, disaster response plans, business continuity plans, and those processes.
That human layer that we’re never going to escape. Instead of informing people what they should do if this happens, we inform people. We plan on quickly getting back to normal operations and lessen the blow.
Because it’ll happen one day, right? Whether it’s big or small, you’ll probably get a breach. That’s just the unfortunate reality.
Also Read: GenAI Online Security Threats for Businesses
Where do you think the next attacks will come from?
Chloe: I read an article that says – the best defense against AI is AI. So when you say where the newer attacks are coming from, we already see that. The phishing and the ransomware are right from the intelligence. But there is more.
I will continue collecting knowledge about how that can transform outside of these common things. We are stuck on phishing and ransomware. But what is next? And some of the things that we have talked about, I haven’t tapped into. Like quantum computing, Blockchain has been around, but I think the adaption from organizations hasn’t been as quick as maybe we expected it.
But it’s something that I’m going to keep an eye out for.
But I keep coming back to AI. It’s disrupting a lot in security. And I say disrupting negatively; If say it in the way of a change that we must stay diligent on. These adversaries give me a little anxiety. Because I just don’t know. It could be anywhere.
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.