AI has Arrived: How Does it Impact IT and Security?
It is in the midst of these queries that we find the security experts at Exabeam.
In our recent webinar, we had an insightful discussion about the future of AI in IT and security. The discussion was expertly moderated by Exabeam Director of Product Marketing, Jeannie Warner. Alongside Jeannie, we were fortunate to have the valuable perspectives of Exabeam CISO, Tyler Farrar and Exabeam Director of Security Research, Steve Povolny.
Although I was meant to be part of the webinar, an unexpected emergency prevented me from participating. (Don’t worry, I had the foresight to send my notes to the panel in advance.) Even without my sparkling wit contributing to the conversation, they dove deep into the exciting possibilities AI brings to the field of cybersecurity and thoughtfully explored its potential impact on the industry. And the emergency on my side of the pond was promptly resolved without blood loss, so ultimately everyone’s a winner.
A stroll down memory lane
Once upon a time, “the rise of the machines” was a tantalizing plot device in science fiction films. But today, it’s a mad dash for IT and security teams to familiarize themselves with these fascinating advancements.
Sure, AI and machine learning (ML) may seem like cutting-edge concepts, but the roots of intelligent computers date back over 70 years. During the webinar, Jeannie fired up her flux capacitor to set the stage, evoking the work of 20th-century mathematician Alan Turing, whose 1950 “Turing Test” is a bedrock of AI philosophy.
In fact, AI and ML have punctuated our lives, touching everything from our work, as we employ spelling and grammar tools in our word processing, to our entertainment, when IBM’s Watson graced our television screens and triumphed in a game of Jeopardy!
However, Steve argues that the real landmark moment came when AI found its way into our homes through Amazon’s Alexa. This compact, intelligent listening device captured the imagination of the general consumer. As Steve explains, even non-techies were intrigued by Alexa: “I think that interest sparked a business opportunity that we see really exploding today in AI.” I can clearly recall my first experience seeing Alexa in action during an episode of “Mr. Robot”, and knew instantly that whoever had made that glorious piece of technology needed to immediately shut up and take my money. And it didn’t take long for many of us to decide to connect our homes to <insert home assistant name of choice here>, and now enjoy yelling instructions at little boxes rather than move from the sofa to make things do stuff, or find out answers to questions we can’t be bothered to type into a browser.
Offensive and defensive asymmetry
Security is an ongoing game of attackers and defenders, offense and defense, snakes and ladders. And with the proliferation of AI, Tyler makes a valid point about a notable shift in how cybercriminals and security operations centers (SOCs) approach their roles — an offensive/defensive asymmetry, so to speak.
Daunting as it may seem, it falls on us, the security professionals, to prevent the scales from further tipping in favor of savvy, AI-enabled cybercriminals. Tyler rightly points out the emergence of “automated hacking tools like AI-powered phishing campaigns” which “have really come a little bit further ahead from the defenders who are trying to play catch up in some cases.” Worm-GPT recently hit the headlines, and I would bet all the automated tech in my house that this will be the first of many such tools.
Consequently, this leaves SOCs questioning how they can close this gap effectively. Thankfully, they can fight fire with fire by investing in essential resources like threat intelligence and automation. Vulnerable companies can point AI tools at large data sets to analyze evolving threat patterns, identify software vulnerabilities, and extract critical insights on threat actors.
Tyler also highlights the necessity of applying “threat simulation using synthetic data that’s generated by AI, helping to hone in on response strategies. Because at the end of the day, you should know your network and your people better than the attackers do.”
By adapting and using AI and generative pre-trained transformer (GPT) tools to their full potential, security professionals can look to reclaim the balance, keep more cyberthreats at bay, and better combat those who seek to compromise our IT environments. It’s all about embracing the power of AI as a force for good.
Undeniably, AI will shake up countless industries, including security. But let’s not forget that these technological marvels should complement, not overshadow or replace, our flesh-and-blood team members. Tyler envisions a “symbiotic relationship between AI and this human ingenuity that fosters an ecosystem that is both secure and efficient and adaptive to these challenges.”
Consider a scenario: You have an inexperienced, junior security analyst faced with a network incident. Feeling uncertain about how to proceed or struggling to grasp the complexity of the potential breach, imagine if natural language processing (NLP) could explain each element of the threat in common, everyday language, empowering the analyst to triage the issue much faster.
That’s where the Exabeam Threat Explainer comes in — it moves this very concept into the real world. Using generative AI and NLP, it skillfully translates a series of unrelated but high-fidelity threats or detections into a cohesive and comprehensive picture of the entire attack or threat.
Tyler aptly concludes, “It really could be the future of cybersecurity. With the potential to bridge the gap between AI’s capabilities and human expertise, we’re looking ahead to a future where security is strengthened in an unprecedented manner.”
Automated decision support has been something we’ve spoken about at Exabeam for as long as we’ve existed, and with the explosion in generative AI, which is only going to keep evolving, I am excited to see where this takes us as a security community.
AI signals a new age of computational efficiencies and an overwhelming necessity for robust cybersecurity measures. Exabeam stands at the forefront, building on our foundation of user and entity behavior analytics (UEBA) to detect sophisticated threats, fend off AI-enabled cyberattacks, and defeat adversaries.
“When people ask us what Exabeam is doing in AI, well let me give you 12 years’ worth of our experience in that because we’ve been pioneering this for a very, very long time,” Steve says. “Going back to initially modeling what a user’s normal behavior is via machine learning and looking for deviations — from that beginning all the way up to today where we are starting to incorporate things like NLP, large language model (LLM) processing, and generative AI. And while I can’t peel back the cover too much on that in advance of our current development schedule, I will say that there’s some really exciting capabilities that look to be possible and naturally fit into our platform.”
For more insights on this captivating topic, watch the on-demand webinar.
What is the Future of AI in IT and Security?
Watch this enlightening webinar, where our Exabeam security experts dive into the realm of computational efficiencies and operational efficiencies that automation brings. They also provide valuable insight into the critical considerations, boundaries, and safeguards that organizations must establish when adopting AI and other emerging technologies.
You’ll gain a clear understanding of these topics and more:
- Assessing the risks associated with OpenAI and other NLP/LLM text searching interfaces
- Investigating the true potential of AI or ML in replacing human roles and responsibilities, and methodologies for evaluating AI systems
- Differentiating between ML and AI for chatbots in the context of security detection
- Demystifying the terminology associated with AI, including machine learning, deep learning, natural language processing, and RNN
- Understanding the nuances between structured and unstructured data, as well as supervised and unsupervised approaches