AI Is The Past, Present And Future Of Cybersecurity
The 2024 RSA Conference brought together some of the brightest minds and most innovative companies in the cybersecurity industry. The consensus was clear: artificial intelligence (AI) is revolutionizing cybersecurity, enhancing capabilities, and making defense mechanisms more efficient and robust.
I had a chance to speak with a variety of vendors and experts to learn more about their products and services, as well as what’s on the horizon. The prevailing theme revolved around AI.
AI Is Not New
To be clear, although AI has had significantly more mainstream attention thanks to ChatGPT and other generative AI models and tools that have taken the world by storm over the past year and a half, cybersecurity is not new to AI. AI and ML have been hot buzzwords in the industry since before generative AI entered the scene.
The mantra that it is impossible for manual methods or human beings alone to keep pace with the sheer volume of data and events has been true for years. Everyone recognizes that there are certain routine tasks that are easy to automate and occur in such overwhelming volume that AI and ML are fundamental requirements for some elements of cybersecurity.
What has changed is that generative AI democratizes access to cybersecurity. It empowers individuals who are not security professionals to understand their security posture and it enables security professionals to dig into the proverbial haystack to find the needles more quickly and easily.
AI: Enhancing Cybersecurity
Trend Micro: AI for Security and Security for AI
Rachel Jin, Vice President of Product Management at Trend Micro, highlighted their dual approach to AI: “AI for security” and “security for AI.”
She explained that Trend Micro uses AI to enhance their risk management outcomes, accelerate detection and response times, and improve overall security through automation and enriched insights. Their AI-driven initiatives aim to transform user experiences and streamline workflows, moving from reactive to proactive AI implementations.
Jin noted, “Our strategy is focused on making security better and easier with AI, transforming user experience, and empowering users with better insights and automated workflows”.
Normalyze: Securing Data with AI
Amer Deeba, CEO and co-founder of Normalyze, discussed how AI is integral to their mission of securing data across cloud and on-premises environments. Deeba emphasized that Normalyze leverages AI to understand where sensitive data resides, who has access to it, and the associated risks.
“We bring it all together by connecting all the information from the environment regarding configurations, vulnerabilities, access, sensitivity of the data with this powerful backend that’s patented and AI-based to help you connect all these dots in an intelligent way and understand attack paths that are unique to sensitive data that can lead to data breaches and compromises,” explained Deeba.
This holistic approach ensures that sensitive data remains secure throughout its lifecycle, from entry into large language models (LLMs) to its management within various data environments.
Torq: Hyper Automation in Security Operations Centers
Leonid Belkind, co-founder and CTO of Torq introduced their new offering, “HyperSOC,” which integrates hyper-automation into Security Operations Centers. Belkind explained that their solution addresses the unique needs of SOCs by automating repetitive tasks, reducing alert fatigue, and enhancing the efficiency of human analysts.
He remarked, “Advancements in generative AI in the past almost two years have not passed the security industry by. We are augmenting today, human analysts with AI analysts with a goal not only to use cool technology, but dealing with more security signals.”
Belkind also noted that the HyperSOC and employing AI to augment human security analysts acts as a force multiplier that helps security teams be more productive. According to Belkind, this approach not only improves response times but also ensures that human ingenuity is applied where it is most needed, effectively expanding the capabilities of existing security teams.
Proofpoint: AI-Driven Email Threat Detection
In an interview with Proofpoint’s CEO Sumit Dhawan and CSO Ryan Kalember, they highlighted the integration of AI into their threat detection systems. Kalember explained that AI helps in identifying and mitigating threats more swiftly than traditional methods.
They described how AI allows Proofpoint to protect the entire email delivery chain. Dhawan talked about how companies typically choose between detecting email threats before delivery or after the email is delivered.
“We’re the only ones that provide protection pre-delivery, post-delivery, and click-time,” proclaimed Dhawan.
The Competitive Advantage of AI in Cybersecurity
AI’s role in cybersecurity is no longer just a competitive advantage; it is rapidly becoming an imperative.
The expanding and complex threat landscape demands advanced tools that can keep pace with emerging threats. As highlighted by the various leaders at RSA 2024, AI enables organizations to manage and mitigate risks more effectively, providing a level of automation and insight that is unmatched by traditional methods.
Generative AI: The New Frontier
Generative AI, in particular, is gaining traction for its ability to create sophisticated defenses and simulate potential attack vectors. This capability allows organizations to anticipate and prepare for a wider range of threats. The integration of generative AI into cybersecurity tools is seen as a game-changer, providing an additional layer of intelligence that enhances overall security strategies.
AI Augments, Not Replaces, Human Analysts
Despite the advancements in AI, experts unanimously agree that AI cannot replace human security analysts. Instead, it serves to augment their capabilities, enabling them to tackle the ever-expanding and complex threat landscape more effectively.
Leonid Belkind from Torq summed it up well: “Nobody should be afraid of losing their job to AI. However, everyone should be afraid of losing their job to a human that knows how to leverage AI to do this job better”.
Cybersecurity And AI Are Inseparable
The 2024 RSA Conference underscored the transformative impact of AI on cybersecurity. From enhancing threat detection and data security to automating SOC operations, AI is at the forefront of the industry’s evolution.
As the threat landscape continues to evolve, the integration of AI into cybersecurity practices will not only provide a competitive edge but will become essential for maintaining robust and resilient defenses. The future of cybersecurity is not just about adopting AI but about leveraging it to augment human expertise and achieve greater security outcomes.