top of page

AI and Cybersecurity: Emerging Threat Detection and Response Applications


Artificial Intelligence (AI) has taken the technology world by storm. Its impact on cybersecurity – both good and bad – is just beginning. While we’re only just skimming the surface, here are some insights (and questions) that have come out of a recent ACSC session with our Research Partner ThreatWarrior.


There Is Reason to Be Bullish About AI in Cybersecurity

Unsupervised machine learning (ML) is changing the game of cybersecurity. Two key questions for vendors that will help you assess what’s right for your security needs:

1. Are you using supervised or unsupervised machine learning?

2. Are you using your network data or is that data crowdsourced?


AI will quiet today’s noisy anomaly detection. Small changes in behavior alone are pure noise. But tied together, they paint a strong signal that an incident is occurring. This brings alert triage to a new level – and gives the good guys a fighting chance at reducing dwell time.


The use cases are nearly endless. AI shines a light on the “every-dayness” that clever attackers rely upon to do their bidding.


Security jobs aren’t going away. Think about AI as “augmented intelligence” instead of artificial intelligence. Humans still have the extra knowledge necessary to interpret the world. AI tools can’t replace this – but they will allow us to see further, act faster and defend more.


We Need to Have Eyes Wide Open

But buyer beware! AI is trendy right now. Every vendor will tell you they have AI and ML capabilities – but do your due diligence. That also means ensuring your cybersecurity workforce is ready for AI. If they aren’t close to operations, the benefit may limited. And, of course, know that the bad guys are using AI too.


Misinformation will become harder to refute - and spread faster. Supply chain attacks will happen. Man-in-the-middle attacks for large language model services, like open AI, where API requests will be intercepted will happen. Published models that are reverse engineered will lead to all kinds of havoc. Not to mention, adversarial prompting and command chaining will create new classes of threats.


Be Deliberate About AI.

With the arrival of ChatGPT and other open-source AI platforms, everyone can interact with and learn from AI. If your organization has a solid use case for AI, go for it. Just make sure you ask yourselves these fundamental questions:

  • Are privacy, ethics, and security concerns well understood?

  • Is vendor disclosure standard?

  • Can you trust AI and your underlying data sources?

  • What does your AI policy look like?

  • Is an AI-specific policy needed?

The truth of the matter is that you probably can’t fully answer these questions yet – none of us can. And perhaps that informs your decision.


Policy Or Not. The Legal Landscape Is Evolving

The EU is currently leading the regulatory charge with its EU AI Act, which assigns applications of AI to three risk categories. At least one member said this legislation is worth following as, similar to GDPR, it could become a global standard. US policy makers are drafting an AI “bill of rights” that covers privacy, notice, opt out, and safety. And copyright protection is currently being tested.


Steps You Can Take

Here’s a few steps you can take to start scratching the surface of what AI tools have to offer:

  1. Increase your understanding of AI – learn about Machine Learning, Neural Networks, Unsupervised learning, and AI accountability.

  2. Educate – provide education to your staff about what to insert, and perhaps more importantly, what not to insert into a large language model.

  3. Trust but verify – develop your AI footprint deliberately to be able govern and audit it.

  4. Don’t kill curiosity.

To say there’s a lot to think through is an understatement. The point is to take these points into consideration as you develop your own use cases to ensure you’re maximizing the benefits of AI while minimizing the negatives.


Want to learn more? Understand what other companies are doing? What leading technology providers are building to deliver next generation services? You can be a part of these important discussion too! Contact Jim Dinneen at jdinneen@acscenter.org to learn how your organization can become a member.

75 views0 comments

Comments


bottom of page