CS Jan-Feb 2024
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
artificial intelligence<br />
AI - WHERE NEXT?<br />
WITH EVER MORE ALARMING NEWS EMERGING ABOUT THE PERILS OF AI, HOW MIGHT THE TECHNOLOGY<br />
ADVANCE AND MUTATE FROM HERE - AND WHAT WILL THAT MEAN FOR THE SECURITY INDUSTRY?<br />
As AI technologies become ever more<br />
sophisticated, the security risks<br />
associated with their use and the<br />
potential for misuse will increase<br />
correspondingly. "Hackers and malicious<br />
actors can harness the power of AI to<br />
develop more advanced cyberattacks,<br />
bypass security measures and exploit<br />
vulnerabilities in systems," warns global<br />
media company Forbes. It's a dispiriting<br />
picture. Does it suggest that AI may<br />
gradually spiral out of control, to the<br />
point where it dictates, rather than<br />
follows? And what might that dystopian<br />
vision mean not just for our industry,<br />
but for humanity as a whole?<br />
However, as David Mahdi, CIO, Transmit<br />
Security, points out, technology is<br />
essentially "morally neutral" and can be<br />
used for good or ill. Just as AI and Large<br />
Language Models (LLMs) can be used for<br />
positive purposes, they can similarly be<br />
used with malicious intent. "It was not<br />
even one year after the release of ChatGPT<br />
that bad actors developed generative AIenabled<br />
tools, such as FraudGPT and<br />
EvilGPT," he points out. "Back in <strong>Feb</strong>ruary<br />
2023, we predicted that by <strong>2024</strong> attackers<br />
would have a Generative AI service that<br />
would include: reconnaissance information<br />
on specific companies, malicious code,<br />
software vulnerabilities, zero day vulnerabilities,<br />
compromised identities, credit<br />
cards, loyalty programme accounts,<br />
customer and employee personally identifiable<br />
information to help with social<br />
engineering attacks and more. We were<br />
right, if a few months off."<br />
The sheer scale and velocity of attacks will<br />
require organisations to start employing a<br />
holistic AI-based approach, in order to<br />
fight these new threats, Mahdi warns.<br />
"They need to go from relying on toughto-scale<br />
detection to overall automated<br />
defence strategies which empower teams -<br />
whatever size or level - to leverage AI/ML<br />
tools that enhance real-time detection, as<br />
well as offline analysis, case management,<br />
model improvement and proactive<br />
protection."<br />
ECOSYSTEMS WILL BE STREAMLINED<br />
As the industry's focus shifts towards<br />
operational agility and acceleration,<br />
companies will look to streamline their<br />
security ecosystems, limiting suppliers to<br />
a finite number of reliable and effective<br />
vendors, predicts Mike Spanbauer, field<br />
CTO at Juniper Networks. "The complexity<br />
of multi-system integrations will give way<br />
to vendors who can integrate efficiently<br />
and provide technology that just works.<br />
These vendors will be relied on to deploy<br />
secure IT systems, underpinned by artificial<br />
intelligence and machine learning [ML] that<br />
ensure fully optimised user experiences.<br />
This will be especially important as the<br />
quantifiable benefits from the use of AI<br />
related to analytics and operational<br />
playbooks develop further. These benefits<br />
will help bridge some of the heavy lifting<br />
that Security Operations Center (SOC)<br />
analysts do today. The technology will also<br />
benefit how response and mitigation<br />
capabilities translate into operational ones."<br />
At the same time, AI will continue to<br />
prove dangerous in the hands of threat<br />
actors, accelerating their ability to write<br />
and deliver effective threats. "Organisations<br />
will need to adapt how they approach<br />
defence measures and leverage new,<br />
proven methods to detect and block<br />
threats. We will see the rise of nearly realtime<br />
measures that can identify a potentially<br />
malicious file or variant of a known<br />
threat at line rate." We can also expect<br />
organisations to make larger investments<br />
in Zero Trust network security strategies,"<br />
Spanbauer continues.<br />
ACCELERATED THINKING<br />
One potential benefit to society that AI<br />
offers, states David Trossell, CEO and CTO<br />
of Bridgeworks, is the use of AI and ML in<br />
WAN Acceleration. Why is that? "Well, with<br />
increasing reliance on digital technologies,<br />
latency and packet loss could have their<br />
own field day by slowing down Wide Area<br />
Networks, such as the internet. When<br />
WANs are slow, hackers can intercept data<br />
that's often unencrypted in flight. A slow<br />
WAN can also extend the time it takes to<br />
back up and restore sensitive data that is<br />
required to maintain an organisation's<br />
service continuity.<br />
"WAN Optimisation doesn't live up to its<br />
promise. Data is sent unencrypted and is<br />
then re-encrypted at either end of the pipe.<br />
WAN Optimisation often doesn't live up to<br />
its data and network acceleration promise.<br />
AI is being used with SD-WANs and it's a<br />
great technology, but it, too, needs a boost<br />
with WAN Acceleration to increase the<br />
speed of encrypted data transfers.<br />
"Organisations must consider how they<br />
protect their data, and how they can<br />
increase their bandwidth utilisation by<br />
mitigating the effects of latency and packet<br />
loss to improve their ability to maintain<br />
service continuity and to prevent cyberattacks.<br />
WAN Acceleration can be an<br />
18<br />
computing security <strong>Jan</strong>/<strong>Feb</strong> <strong>2024</strong> @<strong>CS</strong>MagAndAwards www.computingsecurity.co.uk