By AI Trends Staff
In 2021, more firms will employ AI to battle cyberattacks, trying to gain an edge in a game of one-upmanship with hackers and attackers. A survey of 20 cybersecurity experts recently surveyed by Forbes showed some patterns.
For example, open source software can be an easy way into organizations. Gaining more visibility into open source contributions is possible with the use of AI and machine learning, according to Maty Siman, CTO of Checkmarx, a software security company based in Ramat Gan, Israel. “Rarely does a week go by without the discovery of malicious open source packages,” Siman stated.
Many developers are good at scanning open source components to identify known defects, “But they are still blind to instances where adversaries maliciously push tainted code into packages,” he stated. AI and ML can be used to help detect malicious open-source contributors with greater accuracy and efficiency at scale.
AI and ML comes into play—making it possible to detect malicious open-source contributors and packages with greater accuracy and efficiency and at scale. For example, the AI and ML algorithms can identify a scenario in which it’s the first open source project a user has contributed to, or whether the use is active in any public-facing social channel, or whether the user alters code in sensitive areas of the system, to help verify their credibility.
“This approach can essentially give open source contributors a ‘reputation score,’ making it easier for developers to vet both who they’re trusting and the packages they’re leveraging,” Siman stated. The company uses the term “DevSecOps” to refer to development, security, and operations, a commitment to software security at every step of the software development process.
Ivanti Offers “Zero Trust” Authentication
To combat password-related cyberattacks that continue in every industry, organizations need to adopt a “mobile-centric zero trust” security approach, recommends Bill Harrod, a vice president at Ivanti, an IT security company based in South Jordan, Utah. Applying AI and ML to authentication, companies can use a “more comprehensive set of attributes to determine compliance before granting access.” For example, the system can validate devices, establish user context, check app authorization, verify the network and detect and remediate threats before granting secure access to a device or user.
Ivanti’s Neurons for Patching Intelligence, for example, help fulfill service level agreements by achieving faster vulnerability remediation using supervised and unsupervised machine learning algorithms.
Privitar Offers Enterprise Data Privacy Software
Many organizations pursuing AI in 2021 will focus on privacy and security as critical elements of their data protection strategies, in the view of Steve Totman, Chief Product Officer at Privitar, a supplier of enterprise data privacy software based in London.
“Our digital dependence accelerated throughout 2020 and heightened the need for embracing data privacy as a core element of business dataops [data operations], especially where AI and ML is being embraced,” Totman stated.
In Privitar’s view, privacy technologies must provide multi-level controls automatically to ensure data is protected, usability is preserved and remediation happens in the event of a breach.
The latest version of the company’s Data Privacy Platform includes Right to be Forgotten functionality consistent with European General Data Protection Regulation (GDPR) provisions.
AI Assistance for Humans May Ease Cybersecurity Skills Challenge
The shortage of IT staff skilled in cybersecurity is driving the need to rely more on AI software, while understanding the proper role of the humans involved. “This is why the focus in 2021 is not on which AI/ML engine has the most features or the lowest error rate—it’s moving over to which AI approaches integrate humans into the process in the best way,” stated Mike Lloyd, CTO at RedSeal, a cloud security provider based in San Jose.
Today’s AI is still short-sighted, easily fooled and unable to grasp the human motivations of bad actors, in Dr. Lloyd’s view. Going forward, the company sees that the focus will increasingly shift away from black boxes—inscrutable engines that compute correlations that nobody can understand and which are often biased in significant ways—and toward more transparent reasoning approaches. This is where AI present presents its recommendations along with reasoning that humans can follow, to understand why a given conclusion is important.
Writing in RedSeal’s blog on the SolarWinds attack discovered in December that gave hackers access to potentially hundreds of targets, Lloyd stated, “The attack is extremely sophisticated, and quite alarming—it’s a supply chain attack, involving compromise of a widely used and trusted monitoring product.”
For companies scrambling to respond, RedSeal advised determining whether the SolarWinds Orion is being used in the company, and if so where, and what type of access it has. The company suggests taking the product offline, blocking unwanted access to it to the extent possible, and reset all assets it could have reached to a known good state. RedSeal’s software can be helpful in executing these steps, Lloyd suggested.
Remote Workforce Increasing Cybersecurity Risks for Organizations
In the first six months of the pandemic, 48% of US knowledge workers said they had experienced targeted phishing emails, calls, or texts in a professional capacity, according to a survey from GreatHorn, which offers protection from advanced threats.
SailPoint of Austin, Texas, takes an identity management approach to security. “A well-managed identity governance program can thus be costly and out of reach for many organizations, yet AI is already starting to change this and the trend will accelerate in 2021,” stated Grady Summers, EVP, Solutions and Technology at SailPoint.
AI applied to identity management will enable detection of more risky users, patterns, and anomalies in access requests, and reduction in cumbersome re-certification processes, the company suggests.
“Regulators will start to become comfortable with AI-driven decisions as they realize that machines will deliver smarter and faster results vs. overwhelmed humans trying to determine who can access what and when,” stated Summers.
General Electric is using SailPoint for identity management for 1.8 million employees and over 1,800 business applications. “SailPoint’s identity platform scaled at the rate that our growing, global organization required,” stated Eric Schwab, principal technologist at GE, in a customer story on SailPoint’s website.