Since the walls, drawbridges and turrets of perimeter security crumbled into the past, we have been left vulnerable in the treacherous expanse of a perilous threat landscape.
Security professionals have devised innovative methods to keep us alive during these times of uncertainty, but now a beacon of hope that could lead us out of the wilderness has appeared – AI.
Speaking to CBR’s Tom Ball, Otto Berkes, CTO of CA Technologies, was bold in his belief that AI could be the cybersecurity savior we so desperately need.
He said: “Yes, I believe [AI is the future for cybersecurity]. We have to be able to use true intelligence that is adaptive, you discover a security threat, you do everything that you need to do to mitigate it in the future, but you just squeeze the bubble under the sticker.
“The fact is the idea of endpoint security, having this static barrier around your IP, just does not work anymore. The fact is that very advanced AI and machine learning technologies are available to anyone,” Mr Berkes told CBR.
Open source access to AI technology is becoming widely available, with the likes of TensorFlow, Microsoft and Facebook engaged in development projects. However, accessibility to all comes with the inherent danger that those with malicious motives can also use the technology for nefarious means.
“The building blocks are available to anyone and unfortunately the fact is that people with bad intentions are going to use these powerful, ever improving technologies and find clever and malicious ways to use them,” said Mr Berkes.
Necessity may prove to truly be the mother of invention in this instance, with AI security essential to combat the implementation of the technology by threat actors.
“AI can have any goals you give it, good or evil, and it will intelligently pursue those goals, Microsoft’s AI chatbot turned bad is just one example. As AI gets more sophisticated it will become an intelligent hacking actor and part of our security threat landscape. The challenge will be to use AI effectively to guard against its malicious use,” the CTO told CBR.
Asked whether the situation could become one of an unstoppable force colliding with an immovable object, AI offence being repelled by AI defence, Mr Berkes responded with optimism.
“We have an opportunity to use AI and to ideally stay one step ahead of the threat curve, I am a glass half full person on this particular topic. If there is ever going to be a sustainable force countering hacking and security threats, it is actually going to be AI,” Berkes said.
AI has become a blanket term to some extent, a banner that encompasses machine learning for example. Some, however, argue that actual AI does not exist in cybersecurity.
Mr Berkes made it clear that time is still required to fulfill his vision of AI security, saying: “We are not quite there with AI, we are at the start of a long journey, but we do have some very concrete example where we are using machine learning and machine intelligence techniques already in our products.”
CA Technologies has implemented machine intelligence technology into areas like access management, pulling together data to work out whether requests are legitimate or not.
“I see the promise of artificial intelligence and machine learning as adding that intelligent layer, having technology be self-aware so that they understand the context of how they are being used to recognise patterns that are not normal,” said Berkes.
While AI looks like it may transform the world of cybersecurity, it is also set to have a disruptive impact on enterprise processes more generally, potentially streamlining and enhancing all facets for big business benefits.
“The core activities of managing, governing and securing your technology will not go away, but they will become more efficient, automated, and intelligent. In turn, this will help you spend more of your energy on what matters, creating new revenue to drive the business forward.”