|
Listen to this story
|
As ML spreads its might in all quarters including security, it turbocharges everything it touches. Software company Splunk recently added new security and observability features to identify threats of a new world with generative AI.
Robert Pizzari, vice president of security at the company, speaks about why APAC is trailing behind other regions in terms of security, the growing concerns with GPT APIs and what Splunk plans to do about it.
AIM: What are some of the major cybersecurity obstacles faced by organisations in the current scenario?
Robert: With the growing number of interconnected devices in the modern enterprises along with the deluge of data — much of which is sensitive and confidential — the importance of cybersecurity continues to grow. In fact, according to Splunk’s latest State of Security 2023, 59% respondents in India report having faced data breaches in the past two years more often.
In the same report, we learned that some of the critical challenges faced by organisations in the current scenario are:
● Ransomware attacks – Ransomware is always on the rise. This year, the number of organisations that dealt with ransomware attacks rose to 75% as compared to last year.
● Breach in cloud security – With 50% of respondents saying that the majority of their SOC (Security Operations Centre) team’s time is spent addressing issues in the public cloud, while just 13% spend most of their time solving on-premises issues.
● Supply chain attacks – Software supply chain attacks are top-of mind in the post-SolarWinds era. 95% of organisations have increased their focus on third-party risk assessment activity, up from an already noteworthy 90% from 2022. In today’s complex, hybrid world, cyber security challenges are only going to become more intense.
AIM: With the arrival of generative AI and ChatGPT APIs flying around, what challenges do you see further in security?
Robert: The arrival of generative AI and ChatGPT APIs presents several challenges in terms of security. These technologies have the potential to be misused by cybercriminals to create sophisticated and convincing phishing emails, deep fake videos, and other types of malicious content.
Some specific challenges that could arise include:
● Greater attack of insider threats: Generative AI and ChatGPT APIs can be used to create fake identities or to impersonate employees, making it easier for attackers to carry out insider attacks. This could result in the theft of sensitive data or the compromise of critical systems.
● Difficulty in detecting advanced threats: Advanced technology can be used to create new types of malware or to obfuscate existing ones, making it harder for traditional security tools to detect them. This could result in advanced threats going undetected within networks and systems for a couple of months before causing significant damage.
● Challenges in compliance and privacy: The use of AI could raise compliance and privacy concerns, particularly in industries such as finance and healthcare. Enterprises need to use these technologies responsibly and ethically and comply with relevant regulations and protect individual’s privacy rights.
AIM: Can you share some key India insights from the State of Security 2023 report? How is India faring compared to its global counterparts?
Robert: Blockchain technology, 5G, the Internet of Things (IoT), artificial intelligence (AI), and other rapidly developing and pervasive technologies are offering significant development opportunities for businesses in India. However, the number of cyber attacks and data breaches in Indian organisations have gone up multi-fold over the last couple of years thanks to the expansion of the threat surfaces.
According to the Splunk report, in India, 42% of Indian organisations were found to be overwhelmed by the number of attacks versus 23% in the rest of the world. Part of the problem seems to be the complexity of their tool ecosystems as 48% say their security stack is too complex, compared to 28% in the rest of the world. However, the report also highlights how system complexity has led to greater prioritisation of security investment in India and organisations in India are investing more in improving their cyber resilience as compared to the rest of the world.
AIM: What trends and ground-breaking changes do you anticipate in the Indian cybersecurity landscape in 2023?
Robert: Cyberattacks continue to grow in quantity and sophistication just as organisation systems become increasingly complex. According to the State of Security 2023, over half of the organisations globally shared they have suffered a data breach in the past two years, an increase from 49% in 2022 earlier and 39% in 2021. As cybersecurity risks continue to evolve, some of the key trends that we anticipate in the Indian cybersecurity landscape in 2023 are:
● Cybercrime-as-a-Service economy will expand the volume and effectiveness of cyberattacks and companies should expect an increasingly hybrid environment.
● Misinformation attacks against businesses will increase considerably as AI technology continues to improve. Deep fakes and other methods that distort reality should be taken into consideration by security leaders in order to avoid reputational and financial losses.
● Supply chain disruptions will continue with under-funded and under-sourced open source technologies being a significant vulnerability. Open source is widely used but has yet to resolve compliance standards. This puts organisations’ supply chain system to risk.
● Blockchain security concerns will increase and cyberspace breaches in the blockchain industry will probably have a huge financial impact.
● Machine Learning (ML) offers greater security but can also act as another vector of attack and cannot be left unsupervised. While ML algorithms recognise data threats and alert possible cyber breach, it will be important to understand these model functions and keep a close watch over them.
For organisations to stay ahead in 2023, business leaders need to start leveraging analytics-driven security solutions and unified platforms in order to achieve cyber resilience and future-proof themselves against these ever-evolving threats that become more sophisticated.
