Steve Durbin
Managing Director, Information Security Forum
Technology has advanced at an astounding rate in the past decade and the pace is only set to accelerate. Capabilities that seemed impossible only a short time ago will develop quickly, aiding those who see them coming and hindering those who don’t.
As artificial intelligence (AI) systems are adopted by organizations, they will become increasingly critical to day-to-day operations. Some organizations already have, or will have, business models entirely based on AI technology. Securing these systems and the information that feeds them will be of vital importance.
AI: friend or foe?
According to some experts, AI will bring significant benefits to society, especially in areas like research and healthcare. AI, using advanced analytics, could offer a significant, if temporary, advance in thwarting potential attackers, however, technological advances tend to be a cat and mouse game. Hackers usually work in close pursuit of security workers, meaning security workers can be compromised.
In the coming years, attackers will take advantage of breakthroughs in AI to develop malware that can learn from its surrounding environment and adapt to discover new vulnerabilities. This malware will surpass the performance of human hackers, exposing information, including mission-critical information assets, and causing financial, operational, and reputational damage.
As it is AI-based, this new form of malware will learn from its environment, analyzing applications and systems to discover and exploit new vulnerabilities in real time. It will be hard to distinguish what is safe from unauthorized access and what isn’t. Even information previously believed to be well-protected may be compromised.
Conventional techniques used to identify and remove malware will quickly become ineffective. Instead, AI-based solutions will be needed to fight this new malware — leading to a race for supremacy between offensive and defensive AI.
How should you prepare?
Moving forward, business and information security leaders alike must understand AI before embracing a technology that will become a critically important part of everyday business.
In the near-term, organizations should invest in people with technical expertise in AI, particularly machine learning, malware analysis, and reverse engineering. These experts will be able to better understand how to work with defensive AI systems. However, recruitment is likely to be a challenge as people with relevant skills and expertise are likely to be targeted by major technology vendors. Therefore, be prepared to invest in internal training and development.
Additionally, I recommend instituting a specialist security operations center function that can track intelligent malware. Direct this function to engage with other parts of the organization that work with similar technology and learn from collective experiences. Finally, invest in technical controls that employ machine learning techniques of their own to check for vulnerabilities, and identify and remove intelligent malware.
In the longer term, organizations should review threat intelligence capabilities and knowledge with peers to better monitor developments in the malware ecosystem, and understand these new threats. This may involve engaging with external specialists and malware protection providers.
Furthermore, organizations must strengthen vetting services of vendors that offer AI and machine learning capabilities as a service to ensure such software cannot be misused for malicious purposes.
Preparation is Key
We are continually threatened by hackers attempting to steal our business plans and other intellectual property. Adversaries will use whatever methods they can to amplify their capabilities as soon as the tools are available. Intelligent malware will require us to improve our protective measures as soon as possible, to prevent increasing exploitation of vulnerabilities.
Early preparation is essential.
Steve Durbin, Managing Director, Information Security Forum, [email protected]