Cyber threats will escalate in APAC this year due to generative AI exploitation: how can businesses level up with AI, too?
With recent breakthroughs in AI, more businesses have been seeking its adoption in propping-up cybersecurity. However, when it comes to using this technology as a part of their frontline defense strategy, there seem to be challenges ahead.
In a back-to-basics interview, Christine Gadsby, Vice President for Product Security, Blackberry, shares insights on how enterprises can embrace AI in a way that ensures their defense strategies stay ahead of risks.
Can you briefly discuss the role of AI in cybersecurity?
Christine Gadsby (CG): The adoption of generative AI (Gen AI) is growing rapidly as organizations seek ways to transform human tasks. Using the ability to process and analyze large volumes of data in real-time, attackers can automate their methods and improve their tactics.
Conversely, AI can empower defenders to detect and respond to threats more effectively. This technology allows them to tap into vast amounts of data and use advanced algorithms to analyze and identify patterns that may indicate potential threats. AI can also provide calculated recommendations for mitigating risks and optimizing security measures.
With such a rapid spike in the speed, volume, and type of cyber threats, organizations need to get ahead of the game and leverage AI as a frontline defense.
What are the advantages of using AI in cybersecurity? What are the risks (if there are any), of using it to combat cyberthreats?
CG: We commonly hear about the quality and efficacy of machine learning models with regard to size and performance, but the real measure of success for effective AI — particularly in cybersecurity — is speed. AI can analyze vast amounts of data in very short timespans, ensuring a much shorter mean time to detection and response.
This reduces both IT costs and dependence on scarce human resources. AI is also an effective tool that can provide organizations with round-the-clock support, with the capability to stop threats before severe damage is incurred. This means fewer people will be needed to monitor fewer alerts.
However, immature ML models can be prone to false alarms, which may mean more alerts for overstretched security teams to verify. Similarly, the decision-making process lacks transparency, which can make it difficult to explain why a certain course of action was taken. Additionally:
- Not all endpoints – such as in heavy IoT or regulated industries – are cloud-connected, so updating models may not always be feasible in these cases. For those AI and ML models that are heavily cloud-dependent, a loss of connectivity can greatly decrease detection rates, leaving organizations vulnerable.
- On a wider scale, it should be noted that new models like ChatGPT and others have opened numerous new avenues for Gen AI. Nevertheless, these consumer-grade models can be prone to data leakage and privacy violations. Plus, they have also become a handy tool for attackers trying to upskill and upscale.
- Another challenge beyond the technology itself, is the lack of skilled experts trained in using new AI tools to full advantage.
How can businesses harness AI in establishing a solid cyber defense strategy?
CG: With current iterations of AI, training is highly important to the usefulness and success of the model(s).
As creating effective AI models can be talent and resource-intensive, businesses and governments should strongly consider leveraging partners that have established models with consistent and proven success rates in detection, monitoring, and alerts in real-time.
For those planning a more proactive cyber defense strategy, some of the areas where AI can create impact can include threat detection, predictive analysis, malware detection, automatic remediation, and securing of environments.
What are the trends that you see in Asia-Pacific when it comes to AI and cybersecurity?
CG: Fighting organizational and state-sponsored cybercrime is an uphill battle for governments and organizations worldwide, particularly when it comes to ransomware.
In APAC, our customers in Japan, South Korea, and India are among the most targeted nations recording the highest number of unique malware hashes. Even more brutally, financially motivated threat actors deploying ransomware almost always use double extortion schemes. Unfortunately, this is a growing trend in any fast-growing, highly connected region.
Therefore, in this digital age, it is crucial for firms to leverage AI as an equalizer for cybersecurity, just as threat actors can use the tech to deploy thousands of unique malicious attacks per day, while also improving evasion and democratizing access to even inexperienced malicious actors.