Going Beyond Hype: How AI is Rewriting the Cybersecurity Playbook
source link: https://itwire.com/business-it-news/security/going-beyond-hype-how-ai-is-rewriting-the-cybersecurity-playbook.html
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Monday, 15 January 2024 11:43
Going Beyond Hype: How AI is Rewriting the Cybersecurity Playbook
GUEST INTERVIEW; It costs the CBA, according to Elizabeth Knight of the Sydney Morning Herald, approximately A$1.4 billion dollars per annum to maintain its branch and ATM network, primarily to handle cash. Around 15 per cent of point-of-sale transactions are now cash according to CEO Matt Comyn.[1]
Against this, a A$2 billion annual spend on information technology looks pretty decent value[2], such good value in fact that it has drawn the recent attention of Ms. Michele Bullock, Governor of the RBA[3].
Sometimes though the commitment to digital engagement comes with a price, sometimes a very high price as paid by Ms. Kelly Bayer Rosmarin, formerly CEO of Optus, following last year’s cyberattack and this year’s severe outage debacles at the firm.
Australian regulators do not seem to be in the mood to cut a great deal of slack to Australian corporations that fail to meet their obligations in the cyber realm. To quote John Lonsdale Chair of APRA:
“Many entities are still struggling with foundational issues, ensuring third-party control, making sure security control testing is in place and regularly testing incident response plans. With the potential for serious impact on millions of Australians, our patience has run out.”
How are Australian entities to meet the threat of potential significant business damage from cyber attacks and maintain their digital productivity?
I recently had the pleasure to speak with Tom D’Aquino Director of Security Validation at Vectra AI (CA) over the wire to catch up on all things “cybersecurity” occasioned by Vectra AI’s paper in early November 2023 entitled “Technical analysis: Barracuda Email Security Gateway” which featured their investigative work on an exploited vulnerability (CVE-2023-2868).
You can tell it’s a technical paper because it contains not just one but seven hexadecimal dumps that make this old stager feel young at heart.
What’s going on here Tom? Will cybersecurity threats become an unbearable burden for the enterprise?
Well, they might.
One – Operational and opportunity cost - heavily manual, bureaucratic and proscriptive security regimes are expensive to run and unscalable; they mitigate against business agility and innovation. How are these processes to cope when 67% of analysts according to Vectra AI are unable to manage the number of daily alerts received?
Two – System Complexity - hybrid information technology ecosystems are increasing, combining public cloud, private cloud, on-prem and legacy systems that generate new and individual internal interfaces where cybersecurity interventions are required. External touch points and communication mechanisms continue to multiply. It’s not just e-mail anymore.
Three – Management accountability - with this hybrid information technology model - How are cyber teams to be comfortable with the expectation that they will, despite narratives to the contrary, be taking prime responsibility for cybersecurity?
Four – Technological evolution - How to disentangle the (increasingly sophisticated as illustrated by the Vectra AI paper) malevolent from the mundane in the enormous volumes of data that in a state of continuous flux is ingested into the enterprise daily.
Tom articulates the Vectra AI proposition that AI using anomaly and categorisation models can play a key role in the simplification of the challenge to a manageable task for SOC teams, for example by the removal of false positives from the set of alerts. Perhaps such shielding can be deployed as a layered configuration of protections rather like the moats and walls of a renaissance city-state.
Much hype has surrounded the arrival of AI in the popular consciousness - many alarmist and outlandish claims have been made.
History shows us though that new technology can be at its most effective when used in high-volume, repetitive and systematic processes for which human aptitudes are unsuited and where human expertise is best deployed upon the exception. The organisation and initial evaluation of a vast body of data, in this case, a torrential inbound stream could be such an application.
Of one thing we can be certain – AI will be mercilessly deployed by the cyber attacker and enterprises that do not adopt a concerted and technologically advanced defence as propositioned by Vectra AI could well be overwhelmed.
Check out our talk here:
Or, if you prefer, listen to the audio here:
[1] https://www.smh.com.au/business/companies/why-even-grandparents-don-t-care-about-the-death-of-daily-mail-delivery-20231205-p5ep7b.html
[2] https://www.commbank.com.au/about-us/investors/annual-reports/annual-report-2023.html
[3] https://www.rba.gov.au/speeches/2023/sp-gov-2023-12-12.html?ref=biztoc.com
Read 52 times
Please join our community here and become a VIP.
Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here
GARTNER MARKET GUIDE FOR NDR 2022
You probably know that we are big believers in Network Detection and Response (NDR).Did you realise that Gartner also recommends that security teams prioritise NDR solutions to enhance their detection and response?
Picking the right NDR for your team and process can sometimes be the biggest challenge.
If you want to try out a Network Detection and Response tool, why not start with the best?
Vectra Network Detection and Response is the industry's most advanced AI-driven attack defence for identifying and stopping malicious tactics in your network without noise or the need for decryption.
Download the 2022 Gartner Market Guide for Network Detection and Response (NDR) for recommendations on how Network Detection and Response solutions can expand deeper into existing on-premises networks, and new cloud environments.
PROMOTE YOUR WEBINAR ON ITWIRE
It's all about Webinars.Marketing budgets are now focused on Webinars combined with Lead Generation.
If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.
The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.
Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.
We look forward to discussing your campaign goals with you. Please click the button below.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK