AI & Cyber vs cybercrime-as-a-service
CISOs can fight back against cyberattacks with their own AI tools
There are two firm camps when it comes to AI - the ‘doomers’ and ‘boomers’ - as the recent OpenAI leadership brouhaha disclosed to the wider world beyond the Silicon Valley tech scene.
Yet, sadly for newspaper circulation figures, it’s far more likely that the future will be neither an AI-enabled paradise nor a post-apocalyptic wasteland as the Matrix shows us. If the first major AI battle was between realism and hallucination (or, good outputs vs garbage), the second is likely to be fraud and fakes vs authentication and resilience.
Digital is everything to the economy. There are few businesses that can do without some form of digital process in the modern world. That means, in an age where AI is certain to become weaponized at scale, our digital processes need the same speed and scale to be ready in defense.
Sounds like some of that ‘doomerism’? Well, consider that one global information source recently found that ransomware-as-a-service operations rose by 112 percent in a year. Don’t bet against cyber adversaries being adaptable and persistent, whatever you do. With AI power behind them, an army of not particularly sophisticated criminals will become elevated to elite status with the swipe of a (stolen) credit card. Already elite criminals will become fiendishly difficult to defend against.
RaaS is becoming much more advanced with the help of generative AI - which is able to fill the role of a virtual, highly skilled hacker for hire. But, in lockstep, AI for defense can be used to identify characteristics that humans can’t analyze manually, at scale.
Senior Director of Product Management International at DocuSign
Tools, tactics & best practices: Cybersecurity in the AI age
First - get the right tools. Staying secure in real-time when faced with the speed and scale of AI-driven threats, from DDoS to tailored phishing attacks, means deploying tools with great machine learning algorithms that can be both dynamic and adaptive. AI-trained tooling must be able to analyze incoming telemetry in real-time, detecting subtle anomalies, and identifying threats before they escalate. Traditional cybersecurity tools are still essential but should be being upgraded with AI power to ensure they can still defend against more sophisticated and scaled-up attacks.
AI must be deployed at multiple points, not only at the edge. Emails and networks, of course, but also in depth, authenticating identity of internal and external users, and in safeguarding access to critical data and services. One example of a changing paradigm is in electronic agreements. Organizations need to uplevel their investment in maximally secure electronic identity verification. Spotting fraud and unauthorized access attempts is one way to secure personally identifiable information and keep customer, user, business, and financial information safe.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
One use case is in liveness detection for ID verification. AI is proven to work well analyzing authorized photos against video selfies taken during the sign-up process. AI performs very well confirming if applicants are live - not a pre-recording or deepfake. The consumer gets a fast self-service experience where they are - not travelling or standing in line to progress their application.
Second - continuously scan. A multi-layered security strategy allows for defense against advanced and persistent attacks. The firewall, intrusion detection systems, and agents protecting every endpoint, creates stronger barriers. Overlapping scans for suspicious behavior, malware, and credential use helps build a picture of normal use, pinpointing deviations and areas for immediate attention.
Third - manage data securely, and validate models with human interaction. New AI models need great data to improve. Critically, with AI still in its infancy, they also need human input and oversight to deliver accuracy and reliability. Internal data must be clean, secure, and accessible only to those authorized, while the AI models accessing it must be controlled to use sensitive data securely and safely. Every part of the data lifecycle and IT infrastructure just ratcheted up a notch in importance if AI is making use of it
Validating models with human interaction to confirm the accuracy of models and outputs remains paramount. Organizations can't yet rely on AI models to be 100 percent accurate. Successful outcomes and the implementation of responsible AI will require a laser focus on accuracy - constantly improving the model with some human oversight.
Be positive - AI defenders are leading
As with the promise of automation and AI generally, we can expect that automating all types of threat detection will reduce incident response, triage, and recovery time, as well as the human resource aspect. Many of these technologies are already available within SaaS solutions. This will allow a much greater focus by the humans in the loop on other matters as trust in these AI helpers grows.
AI as a technology will certainly cause even further disruption in the cybersecurity space for the foreseeable future, but it will give as much as it takes. It’s up to technology leaders to ensure they trial, test, and take onboard what they need to ensure the benefits are seen before the risks really scale up.
Putting this into practice, test AI within a closed environment where the organisation can freely experiment. For example, create or use AI Labs where tools, consequences, and explainability can be explored. DocuSign AI Labs allows users to ‘play’ with new tools and functions, and vendors or service partners can support with comparable services.
So, stay positive, but never static. The cycle of change that AI brings is likely to leap forward at an ever-accelerating rate. Keep learning and testing to enjoy the positives and beat the bad actors who will make use of it too.
We've listed the best identity management software.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Maxime Hambersin is Senior Director of Product Management International at DocuSign.