Generative AI will boost Cybersecurity: An Opinion by Rob Enderle
- December 13, 2023
- 9:53 am
Microsoft made global headlines last week with the announcement that it will be integrating Generative AI into everything, including security. Microsoft’s stakeholders and the industry experts seem to be welcoming this decision as AI impacts most of what Microsoft does and it’s important for the company to be an early riser to explore the significance of Generative AI.
Let’s understand how Generative AI can impact security, before closing this article with my Product of the Week: the BAC Mono custom-built, street-legal track car.
Human Error - The biggest security issue
We’re very well aware and often excited about the technological developments that are made every day to combat cybersecurity breaches. However, while we have enough software to protect us against cyber scams, the biggest reason that threatens our security is us, the people.
Scammers often trick people into giving out sensitive information that they use to carry out ransomware attacks, identity thefts, data thefts, and many such breaches.
The industry holds regular security drills and audits and imposes extreme penalties. However, all these measures have minimal impact on the problem as companies lack consistency in implementing these practices. These include organizations, where their top executives have become complacent to the security breaches happening around. They often overlook the rules they created to combat security threats.
For decades, human error remains to be the primary cause of some of the most painful security problems. Let me share an example of how simple human errors lead to security concerns.
Back when I was doing security audits (at a company known for security) on a CEO who often bragged he knew more about security than anyone else in my division, I was able to access his most sensitive information that was in a locked safe in 10 minutes. Not by using some super-secret James Bond hacking technology but by looking in his secretary’s drawer where all the keys were stored, which was unlocked.
HP PC kicks off its security solutions
Since I’m writing this at HP’s Amplify partner event, I want to talk about HP’s newest security solution. HP unveiled Wolf Security, arguably the best PC security solution you can find in the market right now.
According to HP’s research, the security business generates $8 trillion in revenue, however, it is only a fraction of the money it protects. No technology, however sophisticated, can prevent an employee or an individual from getting tricked by scamsters and giving out critical information to them.
HP technology hosts an impressive portfolio of security solutions that include VMs, BIOs, and many other precautionary techs. However, it cannot help if an employee voluntarily or accidentally breaches their protection.
However, HP has tried to address this issue with HP Sure Click. This program helps prevent a user from clicking on a suspected link. Sure Click isolates risky actions in a virtual environment and makes sure the damage doesn’t escape an isolated VM to cause harm. Yet, this effort is not enough.
Why do we need AI security?
Over the years, I have seen ample cases where some of the biggest systems got hacked with very minimal effort and people became victims of simple tricks. Let me take you through some of these real examples that emphasize the need to integrate AI into our security solutions.
In one of the cases, A CIO was fired by the company via email. The person became so angry and revengeful that he used his credentials and reformatted all the hard drives of his ex-company, effectively putting them out of business.
The company did sue this successfully and lodged him behind bars, but they couldn’t save the company as the damage was irreversible.
In another instance, there was a massive breach that landed the organization in a PR crisis. An attacker used stolen credentials with unquestioned access to the company’s HR system. He sent a global email to all the non-management employees telling them that the company had been sold and employees needed to provide their banking details to get their final checks. Almost everybody in the company gave away crucial banking information before someone questioned the email. However, by that time, the thieves had done their job and gone offline.
These are some eye-opening examples of successful cyber breaches that even HP’s Wolf Security wouldn’t have been able to protect, for two simple reasons. Firstly, these were physical breaches with no laptops involved and finally, the phishing attack resulted in compromising the HR system that the Wolf Security doesn’t protect.
These are in no way a dent on HP. HP has done more than most when it comes to cyber security. But it is not enough and we are yet to see a fool-proof system. And AI is something that is touted to give us a comprehensive security system. Hence, the a need to integrate Generative AI into our security systems.
AI to the rescue: BlackBerry to Microsoft
Microsoft’s Security Copilot identifies current and potential breaches in real time and informs security professionals so that they can be mitigated right at the beginning. It addresses the problem of our security systems being understaffed and under-resourced.
However, AI is more than increasing productivity and reducing employee burdens. The biggest strength of Generative AI is that it can learn from employee patterns and behavior and can recreate similar patterns to combat security threats as soon as it detects one.
BlackBerry’s Cylance unit uses sophisticated AI to proactively protect its systems against employee risks. Its superior technology blocks individuals that show unusual behavior such as sudden downloading of the company’s employee files or other clandestine documents, thus signaling that an attacker is using the credentials.
Generative AI has a huge potential, at least in addressing employee risks very quickly. Using existing data and models, Generative AI can predict employee behavior. It can separate employees who cause breaches more often and offer solutions such as taking away access rights from employees who are careless with their access. It can also suggest measures such as the termination of employees who are wilfully causing breaches and jeopardizing the system.
Concluding Generative AI and the future of security
There is no doubt that AI is the future of security. We can see the initial introduction of AI in BlackBerry and Microsoft’s programs. It is potentially effective because it may be able to eliminate people’s exposure to the process so that human error can be minimized.
As with other technologies, I expect IT will be slow to adopt these tools and that the avoidable breaches that will result will forever change a lot of our career paths and financial security.
AI will not just be necessary to keep our company safe but also our interest. The main beneficiary of Generative AI will be our aging population who are more vulnerable to being tricked by fraudsters into giving away information about their retirement funds and so on.
The only question that is often associated with every breakthrough technology is whether we will be able to train the AI to work for us before the bad actors figure out a way to make it work against us. Time will tell.
BAC Mono Custom-Built, Street-Legal Track Car
Since AI is our topic of the week, I would like to talk about how Artificial Intelligence is gradually entering the automotive market. Two weeks ago, Nvidia held its GTC conference, where the vision of a car would be first created virtually with the help of AI and then custom-built to your specific taste.
The BAC Mono car too gives us a glimpse of the future of the automotive market. Utilizing workstation tools from HP, BAC has pioneered a process similar to that of Nvidia’s vision. Unlike traditional sports cars which were made for daily use, the BAC Mono is custom-built for the track, offering a superlative driving experience.
Dedicated track cars that are also street-legal are rare and very expensive, and customization is limited. By using metaverse and VR technologies, this last can be changed. Not only can the car be more customized, but it can also be built more quickly, virtually tested, and better enabled to pass the changing regulations for driving on public roads.
With a price of $151,000, the BAC Mono isn’t for the faint of heart, but it will outperform supercars on the track that cost a lot more. It is designed to help you hit your corners efficiently and will draw a crowd similar to what a supercar can draw at a fraction of the price.
It may not impress your date, given it has one seat, but in most supercars, your date will stop being impressed once she tries to get in the car without providing an unintended photo opportunity.
Also, since this is a track car, you’ll be less motivated to do stupid things, which often seem to define supercar drivers (YouTube has thousands of videos of supercar drivers doing expensive, stupid things).
Not only is the BAC Mono a precursor to how we’ll buy cars in the future, but I also lust for one, so it’s my Product of the Week.