securityintelligence.com
104.18.25.241  Public Scan

URL: https://securityintelligence.com/articles/back-to-basics-better-security-ai/
Submission: On March 13 via manual from SG — Scanned from SG


Text Content

SECURITY INTELLIGENCE

BACK TO BASICS: BETTER SECURITY IN THE AI ERA

--------------------------------------------------------------------------------

February 7, 2024 By Douglas Bonderud 4 min read

--------------------------------------------------------------------------------

Risk Management
Artificial Intelligence


--------------------------------------------------------------------------------



The rise of artificial intelligence (AI), large language models (LLMs) and IoT
solutions has created a new security landscape. From generative AI tools that
can be taught to create malicious code to the exploitation of connected devices
as a way for attackers to move laterally across networks, enterprise IT teams
find themselves constantly running to catch up. According to the Google Cloud
Cybersecurity Forecast 2024 report, companies should anticipate a surge in
attacks powered by generative AI tools and LLMs as these technologies become
more widely available.

The result is a hard truth for network protectors: keeping pace isn’t possible.
While attackers benefit from a scattershot approach that uses anything and
everything to compromise business networks, companies are better served staying
on the security straight and narrow. This creates an imbalance. Even as
malicious actors push the envelope, defenders must stay the course.

But it’s not all bad news. With a back-to-basics approach, enterprises can
reduce risks, mitigate impacts and develop improved threat intelligence. Here’s
how.


WHAT’S NEW IS OLD AGAIN

Attack vectors are evolving. For example, connected IoT environments create new
openings for malicious actors: if they can infiltrate a single device, they may
be able to gain unfettered network access. As noted by ZDNET, meanwhile, LLMs
are now being used to improve phishing campaigns by removing grammatical errors
and adding cultural context, while generative AI solutions create
legitimate-looking content, such as invoices or email directives that prompt
action from business users.

For enterprises, this makes it easy to miss the forest for the trees. Legitimate
concerns over the rise of AI threats and the expansion of IoT risk can create a
kind of hyperfocus for security teams, one that leaves networks unintentionally
vulnerable.

While there might be more attack paths, these paths ultimately lead to the same
places: enterprise applications, networks and databases. Consider some predicted
cybersecurity trends for 2024, which include AI-crafted phishing emails,
“doppelganger” users and convincing deepfakes.

Despite the differences in approach, these new attacks still have familiar
targets. As a result, businesses are best served by getting back to basics.


FOCUS ON WHAT MATTERS

Value for attackers comes from stealing information, compromising operations or
holding data hostage.

This creates a funnel effect. At the top are attack vectors, everything from AI
to scam calls to vulnerability exploits to macro malware. As attacks move toward
the network, the funnel begins to narrow. While multiple compromise pathways
exist — such as public clouds, user devices and Internet-facing applications —
they are far less numerous than their attack vector counterparts.

At the bottom of the funnel is protected data. This data might exist in on-site
or off-site storage databases, in public clouds or within applications, but
again, it represents a shrinking of the overall attack funnel. As a result,
businesses aren’t required to meet every new attack toe-to-toe. Instead,
security teams should focus on the shared end goal of disparate attack vectors:
data.

Effectively addressing new attack vectors means prioritizing familiar operations
such as identifying critical data, tracking indicators of attack (IoAs) and
adopting zero trust models.


BACK TO BASICS

Consider an enterprise under threat from an AI-assisted attack. Using generative
tools and LLMs, hackers have created code that’s hard to spot and designed to
target specific data sets. At first glance, this scenario can seem overwhelming:
How can companies hope to combat threats they can’t predict?

Simple: Start with the basics.

First, identify key data. Given the sheer amount of information now generated
and collected by enterprises, it’s impossible to protect every piece of data
simultaneously. By identifying essential digital assets — such as financial,
intellectual property or personnel data — businesses can focus their protective
efforts.

Next is tracking IoAs. By implementing processes that help pinpoint common
attack characteristics, teams are better prepared to respond when threats
emerge. Common IoAs may include sudden upticks in specific data access requests,
performance problems in widely used applications with no identifiable cause or
an increased number of failed login attempts. Armed with this information, teams
can better predict likely attack paths.

Finally, zero trust models can help provide a protective bulwark if attackers
manage to compromise login and password data. By adopting an always-verify
approach that uses a combination of behavioral and geographic data paired with
strong authentication processes, businesses frustrate attackers at the final
hurdle.


FUNCTION OVER FORM: IMPLEMENTING NEW TOOLS

By focusing on the outcome rather than the input of new attack vectors,
enterprises can reduce security risk. But there’s also a case for implementing
new tools such as AI and LLMs to help bolster cybersecurity efforts.

Consider generative AI tools. In the same ways they can help attackers create
code that’s hard to detect and difficult to counter, GenAI can assist
cybersecurity teams in analyzing and identifying common attack patterns, helping
businesses focus their efforts on likely avenues of compromise. However, it’s
worth noting that this identification isn’t effective if companies don’t have
the endpoint visibility to understand where attacks are coming from and what
systems are at risk.

In other words, implementing new tools isn’t a cure-all — they’re only effective
when paired with solid security hygiene.


FOR BETTER SECURITY, WORK SMARTER, NOT HARDER

Just as attackers can leverage new technologies to increase compromise efficacy,
companies can leverage AI security to help defend against potential threats.

Malicious actors, however, can act with impunity. If AI-enhanced malware or
LLM-reviewed phishing emails don’t work, they can simply return to the drawing
board. For cybersecurity professionals, failure means compromised systems at
best and stolen or ransomed data at worst.

The result? Security success depends on working smarter, not harder. This starts
by getting back to basics: pinpointing critical data, tracking attacks and
implementing tools that verify all users. It improves with the targeted use of
AI. By leveraging solutions such as the IBM Security QRadar Suite, which
features advanced AI threat intelligence, or the IBM Security Guardian, which
offers built-in AI outlier detection, businesses are better prepared to counter
current threats and reduce the risk of future compromise.


indicators of attack | LLM | large language models | Artificial Intelligence
(AI) | Internet of Things (IoT)
Douglas Bonderud
Freelance Writer