The power of AI in cybersecurity | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

2023 may go down in history as the year of Artificial Intelligence (AI) — or at least the year when business leaders and consumers alike became obsessed with generative AI tools like ChatGPT.

Cybersecurity vendors are not immune to the hype. At the 2023 RSA conference, nearly every keynote included a discussion on AI.

And for good reason. AI has tremendous potential to transform the cybersecurity industry. Cybersecurity analysts at Check Point Technologies have been tracking the use of AI by cyber criminals, who are using it to create more realistic phishing emails and to speed up the process of creating malicious files. The good news is that the “good guys” are also working to incorporate AI into cybersecurity solutions. AI could be used to automatically detect and prevent cyberattacks. It could prevent phishing emails from ever reaching your inbox. And it may also reduce the time-consuming false positives plaguing IT teams.

Unfortunately, it could be difficult to parse the AI hype to understand what is real and what is simply marketing fluff. As with any new technology, there is a learning curve, and many new companies are just now adding AI capabilities. When your job is to protect your company from its ever-growing threat landscape, it is essential to thoroughly vet new technologies before deploying them.

So what should you look for when assessing whether to incorporate AI into your cybersecurity strategy? I recommend approaching AI like you would a candidate for a job on your team. Assess its effectiveness, ease of use, and trustworthiness.

How is AI being used to augment cybersecurity capabilities?

One of AI’s benefits is its creativity and ability to make previously unheard-of — yet genius — decisions. In 2016, Google DeepMind’s AlphaGo AI beat the reigning Go world champion, Lee Sedol. Go is an ancient and exceedingly complex strategy game. During the match, AlphaGo made a move that confused Go experts, who thought it was a strange mistake. But Move 37, as it came to be known, was actually the turning point for the match — and one that Sedol wasn’t able to overcome. It’s not a move a human would have made. Look for a solution that uses AI to prevent threats that other vendors couldn’t even yet detect. Ask about their innovation cycle and what threats they see on the horizon.

What is the level of AI expertise?

With the current popularity of AI, many companies are rushing to add some level of AI capabilities to their products. But in this economy, CISOs are being asked to run operations more efficiently and need to justify budgets. There’s no need to pay for limited AI capabilities. Ask for third-party validation of their AI solution’s accuracy to determine whether they are providing real value or simply creating more noise and false alerts.

Can AI technologies be trusted?

AI models are only as good as the quality and quantity of the data they are trained with. According to Stanford Professor James Zou, “One of the best ways to improve algorithms’ trustworthiness is to improve the data that goes into training and evaluating the algorithm.” Look for a solution that provides real-time threat updates and has a large customer base. The more customers, the more training data is available for the AI.

With the rate and sophistication of cyberattacks increasing every year, as CISOs, we need every advantage we can find to protect our data and teams. AI may offer a powerful advantage as long as we deploy trusted solutions that move beyond hype to reality.

Jonathan Fischbein is the chief information security officer at Check Point Software Technologies, a multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management.


Click Here For The Original Source.

National Cyber Security