The dual nature of GenAI within cybersecurity
In the ever-evolving landscape of cybersecurity, security teams face a plethora of threats and trends that demand attention and robust solutions. IT infrastructure is growing in diversity, location and size, and cyberattacks are ever-evolving in cadence and sophistication. The security team’s job to protect sensitive data, oversee user access, promptly identify and address security breaches, and, ultimately, recover from a cyberattack throughout the infrastructure, including edge, core and cloud, is more complex than ever.
We are seeing evidence of this play out in real time, not just with the increasing number of headlines about cyberattacks taking place. Our research has also uncovered that almost half (48%) of UK organizations have reported experiencing a cyberattack or incident that prevented access to data recovery in the last year. This figure increased to 87% when we asked respondents if they recalled their organization experiencing cyber-related disruption in 2023.
Interestingly, while progress in GenAI has advanced and generated much excitement, it is both the culprit and savior of the ‘perma-crisis’ we’re experiencing within cybersecurity. On the one hand, GenAI delivers novel avenues to protect businesses in an ever-evolving threat landscape, protecting IT environments with greater sophistication and scale. On the other hand, it is the perfect vehicle for malicious actors to enhance their attacks. GenAI systems themselves can also be targeted; as AI becomes more integrated into critical systems and infrastructure, the potential for hacking grows.
It’s not just business operations at risk from significant disruption in this new world. Our findings also revealed that costs associated with cyberattacks and related incidents have doubled globally, topping USD 1.41 million (USD 0.66 million in 2022). This shows that getting cybersecurity strategies wrong can be expensive, and businesses’ concern over whether their existing data protection measures are sufficient to cope is valid. We don’t yet understand the full extent of the threats and rewards that GenAI offers, which makes managing risk and enhancing value a balancing act for all businesses on the GenAI journey. So, how can business leaders navigate this challenge of deploying GenAI quickly and securely while also using it to enhance protective measures?
Director for Data Protection and Cyber Resilience, Dell Technologies UK.
Gen AI as the great threat detector
Although GenAI can indeed be an accelerant to cybersecurity threats (according to our research, 27% globally feel GenAI will initially provide an advantage to cyber criminals), it can also be used to detect and respond to anomalies and potential threats in real-time. Again, looking at the results of our recent study, 40% of organizations in the UK are optimistic about GenAI’s capabilities for bolstering their cyber defenses.
Strengthening one’s infrastructure’s security posture is essential before leveraging GenAI as an ally in securing an organization. An organization must identify and minimize vulnerabilities and entry points that can compromise applications, systems, or networks across various domains, including edge, core, and cloud. GenAI can become the ultimate protector of the avenues cyber criminals love to exploit through improved and automated threat detection and response, predicting future threats, and identifying patterns, anomalies, vulnerabilities, and indicators of compromise.
Detecting and responding to cyber threats means staying alert. With the ability to recognize known attack signatures and identify deviating behavior, staying alert and acting are things GenAI can do incredibly well. For instance, for those bad actors that gain access, GenAI can use its power to help keep hackers in confinement and stop them from spreading further within the system, avoiding the escalation of the attack.
By continuously monitoring user behavior and network activity, GenAI can be trained to strengthen the cybersecurity position of the organization and adjust permissions based on risk assessments. It can even be used as a password generator to provide complex, unique passwords. Cybersecurity is a non-negotiable for businesses, so to combat sophisticated cyber threats, organizations must understand how AI can identify and respond to what’s known and unknown, avoid cyber-attacks, maintain robust security practices and accelerate ideas to innovation.
The power of Zero Trust
Traditional prevention methods have typically focused on a ‘perimeter-centric’ approach, using a security framework rooted in the ‘trusted known’ inside the perimeter, i.e. employees and partners, and the ‘trusted unknown’ outside the boundaries, i.e. hackers and bad actors. However, the increasingly sophisticated nature of GenAI has allowed bad actors to enter the network disguised as the ‘trusted known’. Keeping an organization safe from cyber-attacks is much more complicated in a world where anyone has Gen AI at their fingertips.
Well-protected organizations institute a Zero Trust security model, a comprehensive strategy focusing on three core practice areas: reducing the attack surface, detecting and responding to cyber threats, and restoring business operations fast and with as little interruption as possible. Zero Trust operates on the “never trust, always verify” principle. By approaching security assuming breaches have already occurred, organizations are challenged not to implicitly trust any user, device or network, whether internal or external.
Zero Trust’s holistic approach ensures multiple policy checkpoints and automatically grants or denies requests based on user behavior patterns. One can quickly appreciate the relationship between GenAI and Zero Trust – capabilities such as behavioral analytics and anomaly detection, automated threat response and remediation, and adaptive access control can strengthen an organization’s Zero Trust framework.
Modern cybersecurity must be intelligent, scalable and automated
To truly reap the benefits of GenAI, security teams must remain vigilant and adaptable to emerging threat vectors. Investment in more intelligent, adaptive behavioral and machine learning defenses will be crucial, as will the monitoring of GenAI’s impact on the evolving attacker landscape. Addressing blind spots, reducing fraud risks, and integrating GenAI into training programs are further essential measures to stay ahead of cyber threats.
While GenAI does indeed necessitate a re-evaluation of security strategies to include the protection of its own systems, it also promises vast benefits. We will see this value in improved threat detection and response; predicting future threats, automating threat detection, facilitating forensic analysis, delivering personalized security awareness training and scaling security operations. GenAI will also help companies increase efficiency and augment the security skills gap by freeing human security personnel to focus on more strategic and complex tasks.
2024 is the year we move from GenAI experimentation to seeing real-time, tangible business outcomes. And yet we know that the technology, and the benefits and risks it represents, will continue to evolve, perhaps in unexpected ways. That means security teams must revisit and refine safety and security strategies in the context of AI and be ready to adapt how they protect their workflows and underlying data. Security teams must prepare today because AI promises to change how we do business (and keep it safe) tomorrow.
We’ve listed the best business password manager.
This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro