The dual face of AI security – are you ready?
The way security professionals and their businesses approach artificial intelligence is one of contrasts and contentions. We’re still in a state of flux as to whether AI will lead to true cyber safety, or leave us more vulnerable to increasingly sophisticated attacks.
Optimists view AI as a gleaming opportunity to improve cybersecurity tools at a rate that helps us stay ahead of attackers. AI can strengthen defenses at unprecedented speeds and deliver automated threat intelligence that guides both immediate and long-term decision-making.
A more pessimistic view however presents AI as a weapon for adversaries to launch increasingly sophisticated new and dangerous threats on unprepared individuals and organizations.
In my view, our reality sits somewhere in between.
Chief Executive Officer, Performanta.
What it means to be AI-secure
There are always two sides to a coin. Where AI is considered, risks can arise both internally and externally. For instance, hackers use AI’s speed and scalability to launch widespread cyber attacks from outside the business, while any mishandling of AI technology within can hand valuable assets directly over to them.
A sound AI security strategy considers both sides.
AI’s efficacy in helping businesses automate the data collection process is a well known advantage. However, organizations must not forget that speed and efficiency do not surpass security as a priority. For example, automating data collection with AI still requires anonymization when sensitive information is included, and it must be controlled so only approved individuals can access it.
Here, zero-trust and multi-factor authentication can help ensure only the correct individuals within an organization can access it. This practice stems from the tide of mishandling, improper storage and data leaks – purposeful or otherwise.
Like with any new software, businesses must also consider the security of third-party AI services. Are you certain that the AI model you are using is truly secure? Here, diligence must come before investment – organizations can have the strongest internal defenses only to be let down by poor third-party security.
We saw a recent example of third-party security failure by UnitedHealth, when an attacker gained server access through Change Healthcare, a third-party affiliate. Breaching this side door meant UnitedHealth’s highly protected customer data could be accessed in a matter of days.
There’s also the need to continually train AI models with the latest information. Making decisions on out-of-date data opens the door for misguided defense strategies. Before businesses make any AI-based decisions, they must remember to account for the recency and relevancy of the data they are processing.
What features to look for in AI-secure security platforms
While the global battle for AI superiority rages, businesses must carefully consider which AI tools will bring them the most security. The best providers of AI-ready security tools and services have preempted the concerns laid out above, and innovated their services to limit errors in managing an AI-ready world. Microsoft Security Copilot is a great example approach to AI-security and a cyber safe outlook.
Here are four features to look out for:
1. Real-time monitoring
When it comes to identifying vulnerabilities, monitoring threats and repelling attacks, cyber teams rely on powerful platforms to do the heavy lifting; there simply isn’t enough time or resources to do this on a case-by-case basis. Through proprietary AI, businesses gain transparent, comprehensive views of internal and external activity, network traffic, user journeys and data access.
From here, intuitive machine learning can recognize anomalies from within and outside the organization, harnessing historical data to analyze minute-by-minute threat environments and predict when attacks might occur and in what form.
Even the hardest working security professional can’t be in two places at once. Microsoft Security Copilot, among other systems, accounts for this, leveraging AI to monitor the constant stream of business activity while also intelligently flagging real-time threats.
Naturally, as incident response becomes more automated – although human oversight remains crucial – security teams can receive threat data almost instantly, with less manually intensive requirements, freeing up resources to immediately respond.
For the past two decades, we have been one step behind cyber attackers; with real-time response, we level the playing field.
3. Automation to reduce time and error
While there is something to be said for automated processes reducing human error, especially from time and resource-poor cyber specialists, it’s my opinion that this risk will always exist. At least with this mindset, we’re not falling into the old adage of ‘fail to plan, plan to fail’. Microsoft Security Copilot and other systems, for all of their advantages, are only as robust and foolproof as the security specialist using them.
Does automation decrease the chance of human error? Definitely. Does it cure it altogether? Definitely not. We must enable powerful new systems to remove manual task intensity, but they must remain directed by boots-on-the-ground specialists.
4. System cohesion
Businesses use many different systems for vital day-to-day operations. Data migration between separate systems, failing to train and educate employees, and poor security integrity across the tech stack, all increase the attack surface and therefore the organization’s vulnerability.
The tech giants hold a significant advantage here. Take Microsoft Security Copilot, which has been built to integrate into Microsoft’s existing suite of tools, such as Azure Cloud, Defender, and Office products. This level of ‘baked-in’ security reduces the attack surface. It’s a strategic advantage that cannot be underestimated, offering a greater degree of monitoring, control and transparency.
Becoming AI-secure is the first step
The best piece of advice I and many of my colleagues can provide is to adopt a constant, deliberate and thorough analysis of AI opportunities and challenges.
Is there a new capability from your chosen provider that can help plug a long-known vulnerability to a greater extent? Invest and move quickly.
Have attackers launched a new AI-based threat that challenges existing defenses? It’s time to quickly analyze current strategies and find ways to innovate in turn, relying on your network to formulate the best industry-wide approach.
An AI-secure organization is one that commits itself to proactive cyber safety. AI can be our greatest tool in the fight to come, but we must not forget that attackers are thinking the same.
We’ve compiled a list of the best endpoint protection software.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
The way security professionals and their businesses approach artificial intelligence is one of contrasts and contentions. We’re still in a state of flux as to whether AI will lead to true cyber safety, or leave us more vulnerable to increasingly sophisticated attacks. Optimists view AI as a gleaming opportunity to…
