search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
AI


Is it beneficial for companies to be using both (or one) in their business? Should companies be choosing one over the other or do you recommend both together? Te most important thing companies can do is understand what is right for them. AI is not a magic bullet that removes the need for human interaction and understanding. It can be tempting to buy into the marketing hype around unsupervised learning and the ability to automagically identify anomalous behaviours and produce an alert. However, there are numerous examples where these systems have completely missed not just compromises but entire breaches because the attacks were hidden within normal traffic and behaviours. Companies have to find a balance of budget, people and processes; AI offers a great opportunity to accelerate and improve these, but not to replace them. At least not yet.


What are the biggest impacts for using this tech? Te biggest impact of these technologies will fall into two areas. Te first is helping security teams get to the answers they need more quickly and in a way that helps them make sense of what they are looking at and its potential impact on their environment. Unfortunately, the other main area will be the use of AI by the attackers themselves, whether that is using LLMs (Large Language Models) such as GPT to write effective phishing campaigns or using machine learning to understand the best way to bypass a company’s firewalls without being spotted. Te use of the same tools by those that would wish us harm should always be as much of a consideration as how effectively they can help an organisation.


And what should businesses be aware of or looking out for when it comes to ensuring their business security is protected? In many ways, nothing has changed. Organisations need to have their cybersecurity at the forefront of their decision making. AI just happens to be the latest tool in the arsenal, and we have yet to fully understand the impact it may have. As such, having a clear and well-designed cybersecurity approach is what’s important. Te solution must fit the needs you have as an organisation and be focused on the specific nuances you have around your valuable data and systems. Ensure your staff are aware and well trained. Te novelty of reading an article written by Chat-GPT isn’t quite the same when that article was an email that caused someone to click on a link that downloaded ransomware to a computer.


Do you advise all sectors to consider incorporating these technologies or should some sectors steer clear to avoid disruption? It’s more likely that there will be customers in each sector for whom AI technologies would be a great fit, allowing them to stretch their resources further and be more effective in protecting their organisations. Tere will also be others for whom AI technologies wouldn’t just be disruptive, they would be counterproductive and potentially make things worse. We know from our work at Corelight with Chat-


GPT, that its output can sound extremely authentic and have a tone of authority but, in fact, that content is completely wrong and would make a user’s situation


www.pcr-online.biz July/August 2023 | 41


“It can be tempting to buy into the marketing hype around unsupervised learning and the ability to automagically identify anomalous behaviours and produce an alert”


worse. If an organisation is considering AI, then just like we do, the AI output must be compared against what we know to be true before it is used in the decision-making process. If an organisation can see the value that AI will bring and understand how it will deliver that effectively, then they should absolutely look to integrate it.


Where do you think this technology will move to next? Tere are some interesting challenges with AI moving forward. For many years, the successes of AI and ML in areas such as Chess and Go have been passed off as novelties, despite the huge efforts and costs for those involved and their importance in developing these technologies. But with tools such as Chat-GPT and Midway and the apparent ease with which utterly authentic appearing images and text can be produced, everyday interest has exploded. As noted in 1997, by the philosopher Dr Blay Whitby, this is because these systems reflect cultural similarities rather than any true form of intelligence. Te danger is that focus becomes wedded to these superficially


impressive tools, that whilst technologically extraordinary, offer little opportunity to improve security and protect systems, users or their data more effectively. How many companies are going to redirect resources to incorporating Chat-GPT over their existing technical debt because their marketing success will depend on it, versus improvements to their machine learning models or signature accuracy. Te future with AI is exciting but it must be measured and applied appropriately, and organisations must investigate how their vendors are using AI to ensure it’s improving their security.


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52