'A combination of AI built into security products would help to swing the balance against cybercrime'
VARINDIA spoke to Ramachandra Hegde, Vice President, Chief Information Security Officer – Genpact to understand the role played by AI in addressing cybercrimes and how it can be put to best use as an intelligent analytic tool to protect confidential data -
It is said that Artificial Intelligence will further boost cybercrimes, instead of reducing it. How far do you believe in this statement?
AI could be quite beneficial to cyber security to detect threats, identify anomalies, enhance authentication and improve the overall cyber defense. Machine learning and AI-based solutions are great at identifying patterns and proactively uncovering potential incidents.
While it is true that AI could also enable malicious activities by attackers, drive increased automation and possibly make some attacks more effective or impactful, it is important to develop the right technical measures and policy frameworks which could be applied to defend against such threats enabled by AI.
Organizationsshould closely track developments in AI, start enabling their security team with AI skills, and start thinking of the right use cases to embed AI in their current cyber defense environment.
A combination ofAI being built into security and computing products and cloud providers,progress in industry frameworks, inter-government cooperation and enforcement of regulations should help toswing the balance against cybercrime.
What role has AI played in solving cybercrimes and how do you see this continuing in the future with further advancements in it?
AI technologies can proactively identify threats and anomalies and if any unusual pattern is detected, would be able to deeply analyze the relevant data for further investigations and enabling prompt action to prevent data breaches.
From cyber defense operations perspective, security analysts are overwhelmed by the growing number of indicators of compromises and threats. AI can be used to monitor large number of security events and analyze and identify potential threats thus is able to effectively supplement the efforts of security analysts and IT teams.More broadly, AI, machine learning and automation can also be used to take rapid actions to elevate controls or remediate gaps found, thus driving significant risk mitigation by “raising the shield” appropriately or reducing the window of exposure.
How can it be misused to tamper with important data, thus leading to cyber hacking and infringement?
By way of definition, information security is about maintaining the confidentiality, integrity and availability of data and systems. While a lot of attention has been given to breaches of confidentiality and most recently to ransomware attacks impacting availability of data and systems, integrity is also a foundational tenet.
Social media is a good example of this. As advances in computingdrive automation with lesser human intervention, and with the increase in adoption of social media, the consequences of a breach of integrity increase. Machine learning and deep neural networks for advanced natural language processing could be used to create fake messages or even fake videoscalled “deepfakes”.
Specific to AI, while there has been a lot of discussion around how bias can creep into AI and the consequences of that, threat actors can target AI systems also with the objective to compromise integrity. It is also not unconceivable that attackers would seek to target security systems to tamper with algorithms to reduce or defeat the security of the systems to be able to then attack.
Most security offerings and solutions nowadays come with intelligent analytics capabilities. How, as a security vendor do you think, can AI be put to best use while still protecting confidential data and information?
Data privacy principles like transparency, data minimization, and “privacy by design and default” are important considerations that vendors must consider for these products. The vendor must ensure that there is enough transparency and options provided, includingconfiguring the appropriate default settings.
Organizations that are purchasing and implementing these products have the responsibility to think through, develop and implement a framework for using them in the right manner, which again is documented, communicated and supported by the organization’s privacy policies and notices. It also needs to be backed up by the right controls and independent assessments that will build confidence and trust, as well as assurance compliance with relevant regulations.