Late News

What enterprise CISOs need to know about AI and cybersecurity

Hari Sivaraman is the Head of AI Content Strategy at Venturebeat.

Modern day enterprise security is like guarding a fortress that is being attacked on all fronts, from digital infrastructure to applications to network endpoints.

That complexity is why AI technologies such as deep learning and machine learning have emerged as a game-changing defensive weapon in the enterprise’s arsenal over the past three years. There is no other technology that can keep up. It has the ability to rapidly analyze billions of data points, and glean patterns to help a company act intelligently and instantaneously to neutralize many potential threats.

Beginning about five years ago, investors started pumping hundreds of millions of dollars into a wave of new security startups that leverage AI, including CrowdStrike, Darktrace, Vectra AI, and Vade Secure, among others. (More on these companies lower down).

But it’s important to note that cyber criminals can themselves leverage increasingly easy-to-use AI solutions as potent weapons against the enterprise. They can unleash counter attacks against AI-led defenses, in a never-ending battle of one-upmanship. Or they can hack into the AI itself. After all, most AI algorithms rely on training data, and if hackers can mess with the training data, they can distort the algorithms that power effective defense. Cyber criminals can also develop their own AI programs to find vulnerabilities much faster than they used to, and often faster than the defending companies can plug them.

Humans are the strongest link

So how does an enterprise CISO ensure the optimal use of this technology to secure the enterprise? The answer lies in leveraging something called Moravec’s paradox, which suggests that tasks that are easy for computers/AI are difficult for humans and vice-versa. In other words, combine the best technology with the CISO’s human intelligence resources.