Info@NationalCyberSecurity
Info@NationalCyberSecurity

‘With hackers adopting AI, it’s a cat-and-mouse game’ | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


NEW DELHI :Bryan Palma, chief executive officer of Trellix, has served as a former US Secret Service special agent and PepsiCo’s first chief information security officer and is currently a member of President Joe Biden’s National Security Telecommunications Advisory Committee (NSTAC).

NEW DELHI :Bryan Palma, chief executive officer of Trellix, has served as a former US Secret Service special agent and PepsiCo’s first chief information security officer and is currently a member of President Joe Biden’s National Security Telecommunications Advisory Committee (NSTAC).

Trellix was founded in 2022 by merging security firms McAfee Enterprise and FireEye. In an interview during his visit to Bengaluru, Palma shared his insights on various issues, including cyber warfare and the evolving face of cybersecurity in India and worldwide, with both hackers and security firms using powerful artificial intelligence (AI) tools. Edited excerpts:

Trellix was founded in 2022 by merging security firms McAfee Enterprise and FireEye. In an interview during his visit to Bengaluru, Palma shared his insights on various issues, including cyber warfare and the evolving face of cybersecurity in India and worldwide, with both hackers and security firms using powerful artificial intelligence (AI) tools. Edited excerpts:

Subscribe to Continue Reading

AI has become a powerful tool for both cybersecurity professionals and hackers. How should individuals, companies, and governments prepare for the threats?

AI has become a tool for cybercriminals too. The next generation of cybersecurity is going to rely on a platform that has AI. We’re not there, and a lot of detection work is being done by humans, which is putting a lot of pressure on the security industry in general because we have a big shortage of the capabilities and skills to defend against attackers. AI will allow us to make the resources more productive and use them more efficiently. But the hackers, too, are very quickly adopting AI, so it’s always kind of a cat-and-mouse game.

How should companies leverage this AI platform to thwart hackers?

Chief information officers (CIOs) and chief information security officers (CISOs) want insight and analytics, and the way to do that is by leveraging AI. Our study reveals that 84% of CIOs have faced at least one cyber incident. This creates a lot of stress. There are a couple of areas that they should focus on. One is (keeping track of) the proliferation of endpoints like phones and video in TVs and cars. That’s a very different job than it was 15 years ago when you had to manage the corporate network and bring everybody into the corporate network and keep it safe.

Now, nobody’s on the corporate network but on endpoints, which gives rise to more threat vectors and areas for protection. So, if you’re a remote worker, you’re doing your work in the cloud, and you’re on diverse endpoints — you may be typing on your mobile phone, on your personal computer, on the company computer, or you may be in your Tesla doing work. The other area is around the cloud since all these assets are now in the cloud. These are the two biggest trends that CIOs/CISOs are wrestling with and trying to get their arms around. We’re trying to help them by bringing a platform that makes it simpler for them to do that.

When you offer a solution or the, service or platform, who exactly is accountable for any kind of cybersecurity breach?

This has always been an issue in the industry because it’s very hard to say why a breach happened. Further, if you have 72 different technologies, it will involve the integration of different vendors and partners, which makes it very hard to say where the breach took place.

For instance, this trend is manifesting itself in supply chain attacks that have become a real problem. This started a couple of years ago with the whole SolarWinds issue (Hackers injected malicious code into Texas-based SolarWinds software systems in early 2020).

Now we’re seeing nation-states and others building their attacks into the supply chain, which poses a real problem for large companies because it involves many vendors.

Government breaches appear to be on the rise, especially with AI tools. Would these tools escalate cyber attacks?

We do a significant amount of business in the public sector. These folks have been dealing with nation-state attacks for a long time, along with cyber-attacks. We’ve seen that in Russia and Ukraine, too, with both sides using those tactics, and we’ll continue to see it. I think cyberattacks will play a big part in the future of warfare. I’m part of NSTAC in the US, and there’s a lot of effort going on for public-private partnerships and exchanging the right information, besides formulating the right regulations. Much like in the US, India too has a draft of the Indian National Cybersecurity strategy. Governments increasingly realize how important this factor is, and they’re spending more and more money and getting more engaged in policymaking (to thwart such crimes).

Are there any trends you’re seeing in developing countries like India any different from that in developed countries?

For the most part, it’s similar, except for the size and scale of businesses.

In India, for instance, there are more small businesses, and a lot of those businesses aren’t prepared to deal with cybersecurity. So, there are some additional challenges just from the maturity of the overall business environment.

You merged FireEye and McAfee to create Trellix. What’s clicking for you in global markets and India, in particular?

We’re in the right markets. We’re a market leader in XDR (Extended Threat Detection, Investigation, Response), and the system covers security operations, data protection, and other elements of security. Most CIOs have investments in (security) tools already. We ingest over 650 different security tools into our XDR, which means that even if you’ve bought a product from another vendor, we want you to leverage that and not discard it. Ours is also an open platform. Further, our advanced research team has about 300 people doing research, and we have a lot of telemetry (automatic collection, transmission, and measurement of data from remote sources using sensors and other devices) in hundreds of millions of devices. We’re using that telemetry to make our products better.

Are we seeing generative AI tools being used to have ransomware?

We have a group called the Advanced Research Centre which comprises 300 of our best researchers. And they look at a lot of adversarial threat research, among other things. We are definitely seeing custom-designed ransomware that has been designed to evade some of the security technologies out there–whether it’s endpoint or other technologies (but not Generative AI). For a long time, they (hackers) have just been running traditional ransomware like cobalt strike (a paid penetration testing product that allows an attacker to deploy an agent named ‘Beacon’ on the victim machine). Now they’re running custom-designed ransomware. We’ll continue to see that in the future.

It’s early days but will quantum computing help in better encryption technology?

We will see more powerful computing. It definitely brings more power to the equation. But that power will not only be used by the good guys. It’s always going to be a cat-and-mouse game.

What are your thoughts on AI becoming sentient at some given point in time?

AI currently does have the ability to think on its own. But 20 years from now, once these models are really trained, and become very sophisticated, and are pointed at certain datasets, it is something we’re going to have to think about and consider. The government will have to get involved and put some rules in place. There’s no magic solution to prevent this.

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW