I had an opportunity to attend Steve Piper’s webinar on Five Ways AI Improve Cybersecurity Defense. I am sharing my notes, thoughts and reflections. Don’t forget to check out the AI image generated at the end of this article 🙂
I hope it’s useful for you. Please let me know your thoughts or questions in the comment section.
–
- Global spending on AI will explode to $301 billion by 2026.
- There are three layers of AI:
  - Outer layer: Artificial intelligence – early chatbots and decision trees.
  - Mid layer: Machine learning – weather prediction, spam and fraud detection.
  - Inner layer: Deep learning – ChatGPT, self-driving cars, anomaly detection and drug discovery.
Today’s AI focus is on Deep Learning.
I found the below interesting about ChatGPT.
- It took Netflix 3.5 years to get 1 million users.
- Twitter took 2 years.
- Facebook took 10 months.
- Instagram took 2.5 months.
- ChatGPT only took 5 days to get a million users!
There is a lot of insecurity about AI and the future. Although AI will replace many jobs, it will also create new jobs and improve the quality of work.
5 Ways AI Improve Cyber Defense
Trend 1: Integration of Generative AI
- There will be a lot of projects on integrating Generative AI with existing security device interfaces.
- One of the prominent use cases is to leverage natural language to query network devices.
  - Example: show all devices connected to a network with Log4j or insecure default settings.
- Generative AI can go one step further: it doesn’t only detect the vulnerability, it remediates it too.
  - Example: suggest a remediation plan and configuration steps to address the Log4j vulnerability.
Trend 2: Malware detection
- Signature-based detection is outdated. Three use cases for AI in cyber defense are on the rise:
  - Static file analysis – AI tools can automatically scan files for malware using their metadata.
  - Anomaly detection – AI tools can detect abnormal network activity, such as one laptop being connected to two different subnets.
  - Behavioural analysis – AI tools can detect unusual login patterns, such as an accounting staff member logging in at 10 PM on Saturday.
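The behavioural-analysis case above (an accounting login at 10 PM on Saturday) can be illustrated with a per-user baseline of login times. This is an added example, not from the webinar or the original post; it uses a plain frequency baseline rather than a trained model, and the user names, thresholds and login events are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

MIN_HISTORY = 20      # assumption: fewer past logins than this is no baseline
RARE_FRACTION = 0.02  # assumption: under 2% similar past logins counts as unusual

def bucket(ts):
    """Reduce a timestamp to (is_weekend, hour_of_day)."""
    return (ts.weekday() >= 5, ts.hour)

def build_baseline(events):
    """events: iterable of (user, datetime) -> {user: Counter of buckets}."""
    baseline = defaultdict(Counter)
    for user, ts in events:
        baseline[user][bucket(ts)] += 1
    return baseline

def score_login(baseline, user, ts):
    """Return (verdict, support); support is the share of the user's past
    logins within +/-1 hour on the same day type (weekday or weekend)."""
    seen = baseline.get(user, Counter())
    total = sum(seen.values())
    if total < MIN_HISTORY:
        return "insufficient-history", 0.0  # do not alert on users we barely know
    weekend, hour = bucket(ts)
    near = sum(seen[(weekend, (hour + d) % 24)] for d in (-1, 0, 1))
    support = near / total
    return ("anomalous" if support < RARE_FRACTION else "normal"), support

def constructed_history():
    """Constructed sample data: four weeks of weekday logins at 08:30 and
    13:30 for a hypothetical accounting user, plus one barely-seen user."""
    start = datetime(2024, 1, 1, 8, 30)  # a Monday
    events = [("new_hire", start)]
    for day in range(28):
        ts = start + timedelta(days=day)
        if ts.weekday() < 5:
            events += [("acct_anna", ts), ("acct_anna", ts + timedelta(hours=5))]
    return events

if __name__ == "__main__":
    baseline = build_baseline(constructed_history())
    for user, ts in [("acct_anna", datetime(2024, 2, 5, 9, 10)),   # Monday morning
                     ("acct_anna", datetime(2024, 2, 3, 22, 0)),   # Saturday 10 PM
                     ("new_hire", datetime(2024, 2, 3, 22, 0))]:
        print(user, ts.isoformat(), *score_login(baseline, user, ts))
```

Returning `insufficient-history` instead of an alert for users with little data is one simple guard against false positives from a thin baseline.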
Trend 3: Automate incident response
- Perhaps this is the most dangerous trend for the future. If AI can automate the entire incident response cycle – who needs humans?
- I think it will take some years to adapt and trust AI because there are high chances of false positives. Maybe it’s feasible for big corporations to deploy automated AI tools in their network but what about small to medium-sized companies? They still have to rely on humans.
Automated AI incident response is like self-driving cars. Can you sleep and trust the AI?
- AI can be automated but you still need some sort of oversight, monitoring and continuous security. Getting to grips with such tools will create new AI jobs.
- What does AI’s automated incident response look like?
  - It can identify the incident and notify appropriate stakeholders via email or message.
  - It can block suspicious IPs upon detection, revoke access and terminate malicious processes to reduce the impact.
  - It can determine the root cause and suggest remediation for the future.
Trend 4: Vulnerability patching
- Fixing vulnerabilities based on CVSS score is outdated.
- The rising trend is sentiment analysis. It’s cool what AI can do.
- AI can crawl over various discussion forums, social media and the dark net to detect what people are talking about. It can detect fraud and criminal activities in advance. Check out this article from Forbes if you want to know more.
Trend 5: Optimizing identity & access management
- Multi-factor authentication (MFA) and restrictions by IP, access time and location are already known.
- The emerging trend is continuous authentication.
- Even when a user is authenticated with MFA, the AI tool can continuously track the user’s other activities, such as keyboard typing speed, mouse movements and device interaction habits.
- Similar to AI’s automated incident response, this use case is prone to many false positives.
- The other use cases are automated user onboarding/offboarding and self-service password resets.
–
Below is my attempt to generate AI’s cyber defence intention and fight with humans in the future using Pixlr. I’d encourage you to generate your image and post the link in the comment section 🙂