00:00Artificial intelligence is quickly becoming the defining force shaping the future of cyber security.
00:05While it enables faster detection and smarter defense,
00:09it's also empowering attackers to operate with unprecedented speed and sophistication.
00:14Today, we're diving into how AI is transforming the cyber threat landscape,
00:18what it means for organization and how businesses, especially here in Malaysia, can see ahead of the curve.
00:25Joining me online is Vice President Marketing and Communications, Fortin and APEC, Rashis Pandey.
00:31I want to say thank you very much, Rashis, for joining me.
00:34Firstly, we can take a look as AI is increasingly seen as the defining force in cyber security.
00:39From your perspective, how is it reshaping today's threat landscape,
00:43both in terms of the skill and sophistication of attacks?
00:49Thank you, Nina.
00:50I think artificial intelligence is turning cyber security into a machine-speed game.
00:55Yeah, where attacks are getting faster, much more automated and much more coordinated.
01:01Cybercriminals are using artificial intelligence to automate, for example,
01:05their social engineering attacks, their phishing attacks, malware, etc.
01:09What we are also seeing is that there is a shrinkage on the time to attack,
01:14which means our time to exploit,
01:16which means very soon after a vulnerability is discovered,
01:20cybercriminals go after it and that window is shrinking very, very rapidly.
01:25AI is also lowering the threshold for cybercriminals.
01:29You don't need to be very sophisticated to attack,
01:32to launch a very advanced kind of attack on any organization.
01:36So all of this is making the job of the defenders a lot more complicated.
01:40They are expected to respond at machine speed,
01:43but they do not have the infrastructure or the fragmented infrastructure
01:48that doesn't allow them to respond with that speed.
01:50And that's the journey we need to undertake, Nina.
01:54All right.
01:54Rash, taking a look at the situation,
01:57there's a growing concern that cyber security is becoming an AI-driven arms race.
02:01Could you unpack how are attackers using AI today
02:04and how should organizations respond?
02:08Yes, so cyber security is becoming an AI-versus-AI environment, right?
02:13On the threat actor side,
02:15they can now use AI to create attack packages
02:19which used to take months and weeks in a matter of minutes.
02:22They can create deep fakes with just the push of a button
02:26and at volumes which were unheard of just a few months back.
02:30We are also seeing attackers use cybercrime as a service model,
02:34whereby even if you don't have any technical know-how,
02:37you can just rent a cybercriminal organization
02:40to attack a company or a setup that you do not like.
02:45So the result is there's a significant increase
02:48on the offensive side of cyber security.
02:51On the defensive side,
02:53the customers also need to now start using artificial intelligence
02:56to respond in kind,
02:58which means we need to move away from manual models.
03:01We need to move away from fragmented infrastructure.
03:04We need to move away from slow response times
03:07into an integrated platform-driven approach to cyber security,
03:11which is powered by artificial intelligence.
03:14This is AI versus AI.
03:16AI in threats and also AI in security.
03:19With threats now moving at machine speed,
03:22traditional response timelines may no longer be sufficient.
03:25How important is it for organizations to rethink
03:27how quickly they detect and respond to attacks?
03:30And what does real-time security really mean
03:32in this new environment?
03:36So as I mentioned,
03:38I think velocity and speed
03:39are the name of the game right now in cyber security.
03:43Attackers, when they respond at very high intensities and speed,
03:47defenders need to respond as well.
03:49Now what the defenders need to focus on
03:53is a couple of things.
03:54The first is the mean time for detection.
03:57How quickly can I detect something is attacking my system?
04:01The second is mean time to response,
04:04which means how quickly can I respond to a threat
04:07which has been identified?
04:08Both these metrics need to shrink very rapidly
04:11and it needs to move away
04:13from a manual process-driven approach
04:16to a machine-led, machine-speed approach.
04:19For example, in security operations center,
04:22we are seeing customers have 15, 20, 30, 40 different tools
04:27which don't talk to each other.
04:29With such a landscape,
04:31you cannot automate and respond
04:33at the speed that is desired.
04:35The other thing we need to keep in mind,
04:37the organizations need to keep in mind,
04:39is everybody will get breached.
04:42It is a matter of time.
04:44We need to have in place
04:45resiliency plans in place
04:47so that when we know we are breached,
04:49we know what to do,
04:50we don't scramble.
04:51We know what are the next steps to take
04:53in a very orderly, automated fashion.
04:56Nina.
04:57And Rashis,
04:59many organizations are rushing
05:00to deploy AI power security tools
05:02but are companies truly strengthening cyber security
05:06or simply just adopting AI tools?
05:10There is a lot of AI experimentation happening
05:14as it is the hype.
05:15Everybody wants to use AI.
05:17What we have realized is
05:18there are certain hygiene factors
05:20you need to have in place
05:22to truly harness the impact of AI.
05:25For example,
05:26you need to have a very good data platform
05:28and visibility into your system.
05:30If you don't have end-to-end visibility,
05:32you don't have end-to-end data
05:35which is homogenized.
05:37It is very hard to respond
05:39even with great artificial intelligence tools.
05:42The second thing organizations need to do
05:43is they need to have connections
05:45between all the tools they are using
05:47which means if I see a threat at one place,
05:50I need to be able to respond to it at any place
05:52which means if I need to enforce policy
05:56in one part of the organization,
05:58I can automatically enforce policy
05:59across my entire organization
06:01and build what we call a zero-trust mindset.
06:05Now, in order to do that,
06:06we need to make sure that
06:08we have the underlying data infrastructure,
06:11the underlying platforms completely stitched up
06:14and a common operating system
06:16that sits across it.
06:18Once with these prerequisites in place,
06:20then you can run artificial intelligence model
06:23much more effectively
06:24and at scale, Nina.
06:27And as the AI system requires
06:29a lot of massive amounts of data
06:31to learn and detect threats,
06:33how do organizations strengthen security
06:35without creating new concerns
06:37around data and privacy?
06:40I think most organizations today
06:43have data already in place
06:45but it is very siloed.
06:47So we need to make sure
06:48that data are unpacked
06:50from the individual systems they are tracked in
06:52and we manage data
06:54as an asset across the organization,
06:56which means we need to have policies.
06:58How do we protect data?
07:00How do we store data?
07:01How do we retrieve data?
07:02So data needs to be managed
07:04like any other asset an organization has,
07:07build that visibility on top of it
07:09and then combine machine-to-machine models,
07:13for example,
07:14AI artificial intelligence models
07:16to enforce security policy.
07:18One of the key things to keep in mind
07:20is when you run artificial intelligence model,
07:24they operate at machine speeds
07:26and the communication happens
07:27between agents to agents.
07:29To make sure that this data is safeguarded,
07:32we need to ensure
07:33that each of the agents
07:35have the right privileges
07:36and the access
07:38so that they don't go beyond the scope
07:40of what they are being tasked to do.
07:43Rashid, in a militia context,
07:46how prepare our organizations
07:47to deal with AI-driven threats?
07:50And moving ahead,
07:52what should be their top priorities
07:54moving forward?
07:57I think in Malaysia,
07:58Malaysia is digitizing very rapidly
08:00and that gives organizations
08:03both the opportunity
08:04and the risk
08:05to navigate this new world, right?
08:07The world that we need to be is,
08:09if we cannot go back to digitization,
08:11we've got to digitize.
08:12As you digitize,
08:14you have to think about cybersecurity
08:15right from the design.
08:17In Malaysia, what we see,
08:19we have seen some very forward-looking organizations
08:21who understand the threat landscape,
08:23who understand their infrastructure
08:25need to be modernized,
08:26who understand that we need
08:27a new approach to cybersecurity,
08:30which is machine-led, AI-powered.
08:32And those organizations
08:33are well-positioned
08:34to navigate these new sets of changes.
08:36On the other spectrum,
08:38we have organizations
08:39who have a lot of fragmented tools
08:42which are bought over 10, 15, 20 years,
08:45who have a set of policies
08:47which are very manual-oriented.
08:49You still have operations
08:51which are heavily focused
08:53by engineers and analysts, etc.
08:56They are the ones who are struggling
08:58with this new wave
08:59of cybersecurity attacks.
09:01And those are the ones
09:02we need to help to make sure
09:03that they tighten up
09:05their infrastructure,
09:06they tighten up their data policy,
09:08we have the right amount
09:09of AI cybersecurity
09:10in their environment.
09:11And we start operating
09:13at the speed
09:14with which the threat actors
09:15are acting.
09:16Nina.
Comments