- While AI is on the verge of disrupting the cybersecurity space, the security industry needs good AI on its side against threat actors leveraging bad AI.
- More than 60 companies, including over 12 security vendors, are developing and will soon release respective AI-based cybersecurity products and services.
It’s day three of the 32nd edition of the RSA Conference, where thousands of IT and security professionals have converged to discuss respective advances in cybersecurity. After being held virtually in 2021, the conference is up to speed with its pre-pandemic in-person attendance.
However, a lot has changed between now and the pre-pandemic era in terms of technology. And as expected, one particular technology has become the talk of the event: artificial intelligence.
Speaking of AI, Rohit Ghai, CEO of RSA Security, said, â€œEvery new technology wave is bigger, faster, and more disruptive than all previous ones. This time is no different.â€
More than 60 companies, including over 12 security vendors, share Ghai’s opinions, all of which are developing and will soon release respective AI-based cybersecurity products and services. For instance, Google announced Google Cloud Security AI Workbench, which will â€œsupercharge security with generative AI.â€
Based on Sec-PaLM large language model, Google Cloud Security AI Workbench is designed to simplify search across billions of security events and conversational interaction, access to threat intelligence and workflows, and more.
IBM also unveiled its QRadar Security Suite, which unifies security analysis, AI-powered alert triaging, automated threat investigation, and more, delivered as a service over the cloud. SentinelOne also integrated generative AI into its threat-hunting tool on the SentinelOne management console.
AI-driven products aren’t unheard of. What has changed, however, is that the industry has become far more amenable to AI filling in for cybersecurity measures.
â€œWhat I think has happened is that organizations are starting to realize that from a security point of view, there’s no way in which they can keep pace and scale with the ever-evolving threat landscape without handing some decision-making off to an AI model,â€ John Dwyer, head of research at IBM X-Force, told TechTarget.
In his Day 1 address at the RSA Conference 2023, Ghai added that while AI is on the verge of disrupting the cybersecurity space, the security industry needs good AI on its side against threat actors leveraging bad AI.
Identity and access management tech, such as zero trust, is one of the areas Ghai pegs will necessarily have to rely on AI. â€œWithout good AI, zero trust has zero chance,â€ Ghai said. â€œAI will challenge our identity, our role in this world. Bad AI will take us for a ride, and identity is a sitting duck.â€
Identity is an important, albeit most targeted part of the attack surface. While AI is being maliciously leveraged to create sophisticated phishing email campaigns, it can also help counter threats by engaging it to analyze emails, manage account relationships, identify suspicious activity, and more.
However, Ghai added that the use of AI would impact cybersecurity jobs. â€œOver time, we must expect that many [cybersecurity] jobs will disappear, many will change, and some will be created,â€ Ghai said.
â€œAI will make the decisions easier and automate most identity workflows. Humans will supervise the more impactful decisions and handle exceptions. Eventually, when we exit the cockpit, we will have important roles like training, supervising, regulating, ethics, and monitoring AI for air traffic control and designing flight plans.â€
Image source: Shutterstock