OUR STANCE ON AI
The enterprise threat landscape is evolving so quickly that adapting to novel attack methodologies necessitates the adoption of novel tools. Attackers have begun leveraging Artificial Intelligence to discover and exploit vulnerabilities so quickly that zero-day attack detection is becoming the primary mechanism for CVE publication. It follows, then, that we must utilise similar tools to discover and remediate vulnerabilities. What’s more, AI tooling provides defenders a broad set of potential capabilities that can be leveraged to secure our enterprises.
The NIST CSF identifies six areas security functions within the enterprise (Identify, Protect, Defend, Respond, Recover, and Govern). In each area, we have already seen applications of AI tooling to enable security practitioners to more rapidly, efficiently, and effectively perform each of these tasks. For example, within Protect, AI can enforce change policies in real time, flagging risky configuration changes during a deployment window before they reach production. Within Detect and Respond, platforms like Splunk paired with their AI-driven SOAR orchestration can correlate threat signals across thousands of events per second and automate response workflows that would otherwise require manual analyst intervention. And within Recover, AI tools can be used to intelligently recover assets and software instances in parallel through our Black Start offering. Like orchestration and automation tools before, AI stands to powerfully augment teams of talented security practitioners. With this in mind, it is clear that in the near future, virtually every security professional will need to have a deep understanding of the capabilities and shortcomings of AI and its application to their area of expertise.
Like orchestration and automation tools before, AI stands to powerfully augment teams of talented security practitioners. With this in mind, it is clear that in the near future, virtually every security professional will need to have a deep understanding of the capabilities and shortcomings of AI and its application to their area of expertise.
As we have seen time and again with emerging technologies and frameworks that allow for novel attacks, businesses lag behind adversaries that would exploit them. However, through partnerships with industry security groups, vendors, and law enforcement, businesses are able to build a set of best practices that produce reasonable security and managed risk. This often requires paradigm shifts in infrastructure, networking, and application development. Unfortunately, this forward progress is often littered with the corpses of businesses that proved the necessity of change.
In order to better protect and advise our customers, we are investing in our team members to build expertise in the applicable uses of AI, we are developing AI first security applications to take advantage of these tools to provide much faster detection and response times and robustly enforce change management policies, and, we are continuing to focus heavily on the core tenets of good security hygiene. This latter point, focusing on good security hygiene, must always remain paramount as the most powerful security tools will still fail if the environment is not suitably secured through conventional methods.