AI is changing the game when it comes to cyber security

Cyber security has reached a fundamental inflection point thanks to AI and the industry is on the cusp of massive change that is very different from what we’ve seen in the past. 

So says Jeetu Patel, executive vice president and general manager, of security and collaboration at Cisco, who used his keynote speech at the RSA Conference in San Francisco to highlight that we are quickly moving away from a world of “complete scarcity” into the opposite when it comes to resources. 

“The cyber security industry is about to have a pretty seismic change in the way that it’s going to operate…. In practical terms, all of us in the IT industry each have a certain contained set of budget every year and are expected to do a little bit more with just a little bit less,” Patel said. 

“This is the first time in the history of humanity that I think you can start to see that there might actually be us entering into a state of abundance… The ability for us to augment capacity to humans is going to be so profound and grow at such different scales and proportions to what we’ve seen before that if you had, suppose, 20 developers on your team expanding that to 100 through digital workers is not going to be hard to do and is going to be very plausible.” 

That said, with the rapid evolution of threats moving laterally across networks and AI enhancing attackers' sophistication, the need for a big shift in defense strategies is urgent, according to Patel and fellow keynote speaker Tom Gillis, senior vice president and general manager of security for Cisco. 

Patel and Gillis revealed that AI is no longer just a buzzword but a transformative tool, enabling organizations to anticipate, detect, and respond to threats with unparalleled speed and precision.

During their engaging discussion, Patel and Gillis elaborated on how Cisco is harnessing these AI advancements to forge new paths in cyber security. Patel highlighted the shift from traditional security methods towards a more integrated AI-driven approach. 

He pointed out that the infrastructures and applications requiring protection are rapidly evolving, making traditional methods less effective. The increased complexity and connectivity of modern networks demand a smarter and more responsive security strategy.

"AI isn't just an enhancement; it's becoming a necessity," Patel asserted. He described how AI can proactively address the challenges of real-time threat detection and system vulnerabilities. 

By implementing AI at the core of cyber security strategies, organizations can shift from reactive to pre-emptive security postures.

Gillis expanded on this by discussing the application of AI in network segmentation and vulnerability management, two critical areas that have traditionally been labor-intensive and prone to human error. With AI, these processes can become more dynamic and accurate, adapting to new threats as they emerge.

"Imagine a system that not only detects and reacts to threats but also predicts and prevents them before they can do harm," Gillis explained. He introduced the concept of 'autonomous security', where AI-driven systems continuously learn and adapt, ensuring that security measures evolve at the pace of new threats.

The keynote also addressed the potential risks and ethical considerations of AI in cyber security, emphasizing the importance of responsible AI use. Both speakers highlighted the need for stringent governance and transparency in AI operations to prevent biases and ensure data privacy.

The keynote presentation concluded with a call to action for all cyber security professionals: to embrace AI not as a tool but as an integral part of their security strategy. As threats become more sophisticated, so too must the defenses against them.

By integrating AI into their cyber security frameworks, organizations can enhance their ability to protect against and mitigate cyber threats, ensuring a more secure future in an increasingly digital world.