Artificial intelligence (AI) technology has evolved into an essential tool rather than a mere option. In an email interview with Back End News, Nathan Wenzler, chief cybersecurity strategist at Tenable, a cybersecurity solutions company, discussed how the benefits of AI outweigh the associated risks.
AI extends beyond simple automation, though automation remains a key use case. Security researchers can analyze asset inventories and identify vulnerable devices much faster with AI than doing it manually.
“Generative AI (GenAI) tools can ingest, process, and analyze patterns within vast amounts of data about assets, vulnerabilities, threats, configurations, and other datasets to pinpoint organizational risks,” Wenzler said.
Wenzler emphasized the strengths of leveraging GenAI, such as its ability to handle large datasets at scale. AI can quickly identify patterns and determine which systems are most at risk, aiding in prioritizing patching efforts.
“Manually analyzing this information is time-consuming and exposes the organization to attacks while decisions are being made,” he said. “For example, AI can analyze identity, vulnerability, and configuration data simultaneously to identify critical devices like the CEO and CFO’s laptops.”
Data accuracy and risks
GenAI’s effectiveness depends on the quality of data it processes. Over-reliance on data accuracy can pose risks, as cybercriminals might manipulate datasets, leading to incorrect outputs. Wenzler warned, “Cybercriminals could potentially manipulate these datasets, rendering the technology useless by causing it to return inaccurate results.”
GenAI can recognize and analyze patterns, allowing security professionals to quickly access the needed information. This advantage speeds up response times compared to traditional search methods.
“A security operations center (SOC) analyst may receive numerous alerts, vulnerability findings, and login attempts,” said Wenzler. “Manually identifying which issues require immediate attention takes a significant amount of time and expertise.”
Limitations and human intervention
Despite its potential to enhance productivity, GenAI is not an absolute solution and human intervention remains necessary. Wenzler highlighted that the integrity of datasets is crucial. Flawed data leads to incorrect outputs, risking critical decisions based on inaccurate information.
“Many express concern about the interfaces or algorithms being compromised directly, but a greater issue is an attacker poisoning the dataset itself,” Wenzler said.
For organizations concerned about application security, standard controls like strong access controls, regular application security testing, and output validation are essential. Addressing data poisoning requires robust data validation techniques and smaller, manageable datasets focused on specific analyses.
While AI introduces new challenges, a strategic approach can harness its capabilities for robust cybersecurity. The key is staying ahead of evolving threats, adhering to security best practices, and effectively leveraging AI.
Practical steps for Philippine organizations
Wenzler advises Philippine organizations can adopt robust cybersecurity frameworks using AI by transitioning to a risk-based approach for identifying, prioritizing, and mitigating vulnerabilities. It can also help in threat detection and analysis which leads to faster response.
“AI tools can automate these processes, providing quick, contextualized information for better decision-making,” he said.
Organizations should integrate AI with traditional cybersecurity measures to create a comprehensive defense strategy. AI tools can automate data and risk analysis processes, improving efficiency and speed. Government agencies can adopt AI-driven tools to monitor and protect sensitive information. These tools can analyze vast amounts of data in real-time, identifying potential threats and vulnerabilities before they can be exploited. By integrating AI into their cybersecurity strategies, government agencies can enhance their ability to protect critical infrastructure and sensitive data from cyber threats.
“However, they are not a replacement for existing security controls but rather an enhancement to empower security teams to proactively address risks and prevent data breaches,” Wenzler said.
Balancing AI and traditional measures
A balanced approach involves using AI to complement human expertise. AI can handle the heavy lifting of data analysis and threat detection, allowing security professionals to focus on higher-level decision-making and strategy. This combination of AI and human intelligence creates a more resilient and adaptive security posture.
To effectively leverage AI in cybersecurity, organizations must invest in education and training. Security professionals need to understand how AI works, its capabilities, and its limitations. Training programs should cover the fundamentals of AI, data science, and cybersecurity to equip professionals with the skills they need to use AI tools effectively.
Organizations should promote a culture of continuous learning. The cybersecurity landscape is constantly evolving, and staying up-to-date with the latest developments in AI and cybersecurity is crucial. Regular training sessions, workshops, and certifications can help security teams stay informed and prepared to tackle new challenges.
Wenzler said the future of cybersecurity in the Philippines and beyond will increasingly involve AI. As AI technology continues to advance, its role in cybersecurity will expand, offering new opportunities and challenges. Organizations that adopt a proactive and strategic approach to AI integration will be better positioned to protect their assets and respond to emerging threats.
You must be logged in to post a comment.