Cybersecurity in Today's World: The Role of AIKrishnamurthy Rajesh on the Shift From Products to Analysis, Artificial Intelligence and Collaboration
Cybersecurity in today's world is no longer primarily about the implementation of products or solutions. It is more about the analysis of behavior and the ecosystem.
See Also: 2021 VOICE OF THE CISO REPORT
As insider threats are now more common than external threats, understanding human behavior and being able to predict its consequences can help security teams take a proactive approach to preventing cyberattacks from occurring.
Understanding human behavior and being able to predict its consequences can help security teams take a proactive approach to preventing cyberattacks.
Using AI- and ML-based algorithms for tracking user behavior and activity can provide real-time insight. Any abnormal or unusual activity can be immediately flagged as suspicious. The algorithm can be set to detect many types of data, including logging location, device ID type, scrolling patterns and internet browsing habits.
Data on a user’s psychological behavior can also be tracked. This is called artificial intelligence with sentiment analysis. It uses natural language processing, text analysis, computational linguistics, and biometrics to gather and analyze subjective information about a user and their affective state.
Gathering information from social networks, using structured and unstructured data, can also help in preventing security incidents.
In today's connected world, organizations face the information security challenge of not being able to act on decision-making insight in real time. This can be due to boundaries created, lack of transparency, trust issues and nonstandardized processes. The use of shadow IT and nonstandard reporting processes can delay getting the right set of information, and this becomes more complex when there are multiple parties involved in one project.
Technology can help to automate and eliminate waste in processes, but collaboration and mutual trust are the keys to success in cutting across boundaries and technology. As the demand for interconnected data and automation increases, the cyberthreats and risk increase in the same proportion.
Cybersecurity involves both individual action and collective responsibility.
Cybersecurity involves both individual action and collective responsibility. Real-time sharing of information can enable an organization to take preventive measures. For example, sharing a vulnerability or new threat found in a system with other business functions in the organization can prevent other systems from being exposed to the same threat.
The Industry 4.0 revolution has created the need for automation at a different level to capture, process and archive data to generate meaningful insight in real time. When data is generated in huge volumes, processing it in a secure way is a real challenge for an organization.
For example, with aircraft made of multiple parts supplied by different vendors, any sharing of data for maintenance has to go through multiple processes. This sensitive data must be secured by using targeted automation.
To mitigate the risk, organizations should plan for a three-stage approach that uses edge, fog and cloud computing while collecting and processing hot data - data used for real-time decisioning - and cold data - data used mainly for reporting and planning.
Edge computing brings computation and data storage closer to the sources, fog computing places a decentralized computing structure between the edge and the cloud, and cloud computing makes computer system resources available on demand.
These approaches can mitigate some challenges - such as interoperability and real-time decision-making - with agility. They can also help to create a bridge between OT and IT data at the enterprise level.
Overall, in changing dynamics, organizations can enhance their security postures by doing the following:
- Adopt a process and technology framework to understand human behavior and predict the consequences of behavior, to mitigate internal threats. This can give the organization a proactive edge.
- Collaborate and share threat intelligence in real time across geographic boundaries and business functions.
- Create a "crack team" consisting of representatives from business stakeholders and a technology team to assess the project's risk from an information security angle at the enterprise level. This process will eliminate risk that may arise due to the existence of silos and not taking users and stakeholders into confidence.
- Implement an enterprise security framework and a forward-looking SOC.
- Create a detailed strategy for countering offensive AI.
CyberEdBoard is ISMG’s premier members-only community of seniormost executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.
Krishnamurthy Rajesh has over 20 years of experience at information technology leadership roles in Indian and global environments. He has expertise in strategizing and implementing different elements of technology and process from the inception stage to operation. This includes information and data security, digital transformation and adapting to cutting-edge technology such as AI, IoT, M2M and RPA while keeping innovation and ROI as a base. Before ICRA, Rajesh was associated with ITC Ltd., ORIX Auto Infrastructure Services Ltd., Magma Fincorp, Bahwan Cybertek LLC and has experience in setting up a consulting practice in the Industry 4.0 domain.