AI and ML are not new concepts in cybersecurity, but they are one of the key takeaways from the 2024 RSA … [+]
The 2024 RSA Conference brings together the cybersecurity industry's brightest minds and most innovative companies. The consensus was clear. Artificial intelligence (AI) is revolutionizing cybersecurity, enhancing capabilities and making defense mechanisms more efficient and robust.
I had the opportunity to speak with various vendors and experts to learn more about their products, services, and future developments. A common theme revolved around AI.
AI is not new
To be clear, while AI has gained significant mainstream attention thanks to ChatGPT and other generative AI models and tools that have taken the world by storm over the past year and a half, cybersecurity is not new to AI. there is no. AI and ML were hot buzzwords in the industry even before generative AI was introduced.
The belief that it is impossible to respond to vast amounts of data and events manually or by humans alone has been true for many years. We all know that there are certain routine tasks that are easy to automate and occur in vast quantities, making AI and ML fundamental requirements for some elements of cybersecurity.
What has changed is that generative AI has democratized access to cybersecurity. This allows individuals who are not security experts to understand your security posture, and allows security professionals to dig through the proverbial haystack and find the needle more quickly and easily.
AI: Strengthening cybersecurity
Trend Micro: AI for Security and Security for AI
Rachel Jin, vice president of product management at Trend Micro, highlighted two approaches to AI: “AI for security” and “security for AI.”
She explained that Trend Micro uses AI to enhance risk management outcomes, reduce detection and response times, and improve overall security through automation and richer insights. Her AI-driven efforts at the company aim to transform user experiences, streamline workflows, and move from reactive to proactive AI implementations.
Jin said, “Our strategy is focused on making security better and easier with AI, transforming the user experience and providing users with better insights and automated workflows.” said.
Normalyze: Protecting your data with AI
Amer Deeba, CEO and co-founder of Normalyze, spoke about how AI is integral to the company's mission to protect data across cloud and on-premise environments. Deeba highlighted that Normalyze leverages AI to understand where sensitive data resides, who has access to it, and the associated risks.
“We bring it all together by connecting all the information from your environment about configuration, vulnerabilities, access, and data sensitivity to a powerful, patented AI-based backend. It allows us to connect all the dots in an intelligent way and understand attack paths, which are unique to sensitive data and can lead to data breaches and security breaches,” Deeba explained. .
This holistic approach ensures that sensitive data remains secure throughout its lifecycle, from input into large-scale language models (LLMs) to management within various data environments.
Torq: Hyper-automation for security operations centers
Leonid Belkind, co-founder and CTO of Torq, introduced HyperSOC, a new product that integrates hyperautomation into security operations centers. Belkind explained that their solution addresses the unique needs of SOCs by automating repetitive tasks, reducing alert fatigue, and increasing the efficiency of human analysts.
He said, “Advances in generative AI over the past almost two years have never outpaced the security industry. We are now not only using cool technology, but also aiming to process more security signals. “We are augmenting our human and AI analysts.”
Belkind also pointed out that employing HyperSOC and AI to augment human security analysts acts as a force multiplier that helps increase the productivity of security teams. According to Belkind, this approach not only reduces response times, but also ensures that human ingenuity is applied where it's needed most, effectively extending the capabilities of existing security teams.
Proofpoint: AI-powered email threat detection
In an interview with Proofpoint CEO Sumit Dhawan and CSO Ryan Kalember, they highlighted the integration of AI into the company's threat detection systems, with Kalember explaining that AI helps identify and mitigate threats faster than traditional methods.
They explained how AI allows Proofpoint to secure the entire email delivery chain. Dhawan talked about how companies typically choose to detect email threats before or after delivery.
“We are the only company that offers pre-delivery, post-delivery and click-time protection,” Dhawan declared.
AI’s competitive advantage in cybersecurity
The role of AI in cybersecurity is no longer just a competitive advantage. It is rapidly becoming a must-have.
The growing and complex threat landscape requires advanced tools to respond to new threats. As highlighted by various leaders at RSA 2024, AI enables organizations to more effectively manage and mitigate risk, offering a level of automation and insight unmatched by traditional methods.
Generative AI: A new frontier
In particular, generative AI is gaining traction for its ability to build sophisticated defenses and simulate potential attack vectors. This capability allows organizations to anticipate and prepare for a broader range of threats. Integrating generative AI into cybersecurity tools is seen as innovative, providing an additional layer of intelligence that enhances the overall security strategy.
AI augments human analysts, not replaces them
Despite advances in AI, experts unanimously agree that AI cannot replace human security analysts. Rather, it helps strengthen its capabilities and enable it to more effectively deal with an ever-expanding and complex threat landscape.
Torq's Leonid Belkind sums it up well: “No one should fear losing their job to AI. But everyone should fear losing their job to humans who know how to leverage AI to do this job better.”
Cybersecurity and AI are inseparable
The 2024 RSA Conference highlighted the transformative impact of AI on cybersecurity. From detecting threats and enhancing data security to automating SOC operations, AI is at the forefront of industry evolution.
As the threat landscape continues to evolve, integrating AI into cybersecurity practices will not only provide a competitive advantage, but will be essential to maintaining a robust and resilient defense. The future of cybersecurity is not just about embracing AI, but also about leveraging it to augment human expertise and achieve better security outcomes.
