AI powered cloud creates AI powered risks
The combination of AI and cloud brings powerful capabilities, but it’s also creating an invisible web of cyber vulnerabilities

The IT infrastructure that underpins today’s businesses is unrecognizable from even a few months ago. Every organization, whether planned or unplanned, has migrated to the cloud, with AI intertwined because each enhances the other's capabilities.
Cloud and AI are undeniable game changers for businesses; however, both introduce complex cyber risks when combined. Cloud security measures must evolve to meet the new challenges of AI and find the delicate balance between protecting against complex attacks on AI data and enabling organizations to achieve responsible AI innovation.
EMEA Technical Director and Security Strategist, Tenable.
The marriage of Cloud and AI
Cloud computing provides the infrastructure and resources needed to power AI algorithms, while AI makes cloud services more intelligent, efficient, and user-centric. Underpinning this is the development team, running at full speed, creating and deploying new applications that reshape operations, enhance scalability and flexibility, and find cost savings wherever they can. But for those working to secure these shifting environments, it’s like trying to catch smoke. What is secure today may move, morph or even disappear entirely.
According to the Cloud AI Risk Report, cloud-based AI is prone to avoidable toxic combinations that leave sensitive AI data and models vulnerable to manipulation, data tampering and data leakage. As an illustration, this could leave AI training data susceptible to data poisoning, threatening to skew model results. Researchers calculated that almost 70% of cloud AI workloads contain at least one unremediated vulnerability.
Rather concerning was the discovery that three out of four organizations using one specific cloud provider for AI services were found to have overprivileged default configurations. Dubbed ‘The Jenga-style’ concept, the research found a tendency for cloud providers to build one service on top of the other, with “behind the scenes” building blocks inheriting risky defaults from one layer to the next, with any single misconfigured service putting all the services built on top of it at risk. The result is users left largely unaware of the existence of these behind-the-scenes building blocks as well as any propagated risk.
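The layer-to-layer inheritance described above can be traced with a short dependency walk. This is an added example, not code from the report or the article; the service names, the inventory and the flagged default are constructed placeholders.

```python
from collections import deque

# Constructed inventory: each service lists the building blocks it is built on.
# Every name here is a hypothetical placeholder, not a real cloud product.
BUILT_ON = {
    "ai-notebook": ["managed-compute", "object-store"],
    "ai-training-pipeline": ["ai-notebook", "object-store"],
    "model-endpoint": ["ai-training-pipeline"],
    "managed-compute": ["default-service-identity"],
    "billing-export": ["object-store"],
    "object-store": [],
    "default-service-identity": [],
}

# Constructed finding: a building block whose default configuration is overprivileged.
RISKY_DEFAULTS = {"default-service-identity"}


def inherited_risk(built_on, risky):
    """Return {service: path} for every service that sits on top of a risky block.

    The path runs from the risky block up to the service, so a reviewer can see
    which behind-the-scenes layer the exposure comes from.
    """
    # Invert the inventory: block -> services built directly on it.
    dependents = {}
    for service, blocks in built_on.items():
        for block in blocks:
            dependents.setdefault(block, []).append(service)

    paths = {block: [block] for block in risky}
    queue = deque(sorted(risky))
    while queue:  # breadth-first walk up the stack; 'paths' doubles as the visited set
        block = queue.popleft()
        for service in sorted(dependents.get(block, [])):
            if service not in paths:
                paths[service] = paths[block] + [service]
                queue.append(service)
    return {s: p for s, p in paths.items() if s not in risky}


if __name__ == "__main__":
    for service, path in sorted(inherited_risk(BUILT_ON, RISKY_DEFAULTS).items()):
        print(f"{service}: inherits via {' -> '.join(path)}")
```

In this constructed inventory the user only ever deploys the notebook, pipeline and endpoint, yet all three are flagged because of an identity default three or four layers down, while services that do not sit on that block stay clean.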
Threat Actors are circling
When we talk about AI usage in the cloud, more than sensitive data is on the line. If a threat actor manipulates the data or AI model, there can be catastrophic long-term consequences, such as compromised data integrity, compromised security of critical systems and degradation of customer trust. In addition, training and testing data are attractive targets for misuse and exploitation, as they may contain real information such as intellectual property, personal information (PI), personally identifiable information (PII) or customer data related to the nature of the AI project.
Threat actors are not just targeting AI but also harnessing it. Reports confirm that they have a number of powerful AI tools at their disposal, including AI-driven virtual assistants that can streamline and amplify their attacks. So far this year, there have been reports of threat actors harnessing AI to write malware for ransomware attacks. In fact, FunkSec, according to Check Point, is one such group that is believed to use AI-assisted malware development. The danger is that this could see inexperienced actors able to spin up and refine tools quickly to launch their own criminal escapades.
AI powered defenses
AI can be used to search for patterns, helping the team inspect what is happening within the organization's infrastructure, and to explain results in the simplest language possible. This can help the security team know what is important, the attack paths that could be travelled should a threat actor gain access, and where to best prioritize efforts to shut off these paths to reduce cyber risk. Solutions such as data security posture management (DSPM) and AI security posture management (AI-SPM) are becoming integral to many organizations.
Gartner defines DSPM as “... visibility as to where sensitive data is, who has access to that data, how it has been used, and what the security posture of the data stored or application is.” Put simply, DSPM solutions discover, classify and remediate data risks in cloud environments.
AI-security posture management (AI-SPM) is a cloud native application protection platform (CNAPP) domain that gives security teams full visibility and security of AI workloads, services and data used in training and inference without deploying an agent. It identifies and prioritizes AI resources based on sensitivity, access and risk relationships, providing the context needed to isolate the most critical AI exposures.
In summary
Though standalone DSPM and AI-SPM services act as powerful spotlights to illuminate data and AI resources, if they’re not combined with broader cloud security measures, they can't prevent unauthorized access or breaches that exploit vulnerabilities in the cloud infrastructure.
While the combination of AI and cloud offers immeasurable benefits, it introduces risks that could jeopardize sensitive data and data integrity, ultimately diminishing customer trust and business bottom lines. Organizations need DSPM and AI-SPM to pinpoint their valuable data and AI resources and cloud security solutions to build a secure vault around them.
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro