AI will certainly be used by attackers to improve the quality of their strikes, but there are proactive measures we can take today to scale our defenses. Help is here.

I recently read an article reporting a new, generative AI worm dubbed “Morris II” and I immediately began to worry. Would AI learn the best ways to phish me? Could AI predict where my vulnerable systems and users are? Would it easily find new and previously unreported vulnerabilities by which to compromise me? Would all of this happen at quantum speed?

For many, a new, generative AI worm is an understandable reason to panic. Pushing back against hysteria, however, we discover that Morris II only targets AI apps and AI-enabled email assistants. No attack is a good one, but at least this one’s very specific.

More important, I would suggest, is the recognition that just as AI is helping to accelerate and automate attacks, it will also drastically improve security efficacy. While AI threatens to overwhelm reactive security teams with the pace and sophistication of its onslaught, it can likewise enable proactive prevention through predictive processes and controls. This is critical to giving security teams the chance to withstand the barrage that awaits them.

Scaling alongside AI-enabled attacks

There are two proactive efforts that scale well when accelerated attacks become the norm. Neither of these efforts needs to be AI-powered to be effective against AI-based attacks, but AI can certainly enhance both of them. I believe not having these techniques in place will almost guarantee security teams will fail to keep up with AI-enabled attacks.

The first is zero trust. Zero trust is not a single product or solution – it is a paradigm for architecting infrastructure. Individually authenticating each access request is a good starting place. A core tenet of zero trust entails eliminating the assumption (i.e. “implicit trust”) that a user on the inside is already authenticated and authorized to use a resource.

Crucially, zero trust is capable of scaling in the face of accelerated attacks. As a Gartner analyst, I saw many organizations benefit from zero trust’s tendency to automatically contain attacks. This reduces the blast radius of any successful intrusion and can even foil attackers’ reconnaissance efforts. Isolating users and assets with techniques such as microsegmentation prevents attacks from spreading.

However, complete network microsegmentation can be challenging. Instead of jumping into full microsegmentation, many organizations benefit by focusing on isolating access to their most important resources – their “crown jewels.” They do this by expanding zero trust network access (ZTNA) for remote workers into the office, so all workers in the office also use ZTNA. ZTNA expansion, typically referred to as universal ZTNA, can even eliminate the need for network access control (NAC).

The other important effort is vulnerability management. Today, vulnerability management is often done in ways that do not scale. Many organizations, in the face of massive numbers of published Common Vulnerabilities and Exposures (CVEs), recognize they cannot patch everything and must prioritize. Prioritization is the right decision, but how you prioritize CVEs matters.

In my experience, most organizations prioritize CVEs by severity, choosing those with the most severe risk rating to patch first. The problem with that thinking, as my former Gartner colleague Craig Lawson points out, is that only a small number of CVEs are ever actively exploited. It therefore makes more sense to prioritize actively exploited CVEs over severe but rarely exploited vulnerabilities. Smarter prioritization of patching, as can be enabled by AI, will make a material difference in how organizations reduce their exploitability.
This, among other areas, is where our recent acquisition of Avalor offers essential capability enhancements. Unified vulnerability management, a part of Avalor’s data fabric offerings, will help organizations more effectively triage their outstanding vulnerabilities.

Although AI will inevitably be used by attackers to improve the quality and enhance the pace of their attacks, there are proactive measures we can take to scale our defenses. Zero trust and smart vulnerability management can help prevent attacks by proactively reducing the attack surface and lowering real risk. This is what Zscaler CEO Jay Chaudhry means when he discusses “fighting AI with AI.” Given the likelihood that attacks will accelerate, AI-enabled proactive protection should be considered mandatory.
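The prioritization argument above (actively exploited CVEs ahead of severe but rarely exploited ones), worked through as an added example that is not part of the original article or of any vendor's product. The findings, the placeholder CVE identifiers, the known-exploited set and the use of a “crown jewel” flag as a tie-breaker are all constructed assumptions; in practice the exploited set would come from a source such as the CISA Known Exploited Vulnerabilities catalog.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    cve: str           # placeholder identifier, constructed for this example
    asset: str         # hypothetical asset name
    cvss: float        # severity score as reported by a scanner
    crown_jewel: bool  # assumption: asset is tagged as a most-important resource

# Constructed sample data: six open findings and a known-exploited set.
FINDINGS = [
    Finding("CVE-EXAMPLE-0001", "hr-portal", 9.8, False),
    Finding("CVE-EXAMPLE-0002", "build-server", 9.1, False),
    Finding("CVE-EXAMPLE-0003", "payments-db", 7.5, True),
    Finding("CVE-EXAMPLE-0004", "vpn-gateway", 6.5, False),
    Finding("CVE-EXAMPLE-0005", "wiki", 9.0, False),
    Finding("CVE-EXAMPLE-0006", "payments-db", 5.3, True),
]
KNOWN_EXPLOITED = {"CVE-EXAMPLE-0003", "CVE-EXAMPLE-0004"}

def by_severity(findings):
    """Severity-first queue: highest score patched first."""
    return sorted(findings, key=lambda f: -f.cvss)

def by_exploitation(findings, exploited):
    """Exploitation-first queue: known-exploited CVEs lead, then findings
    on crown-jewel assets, and severity only breaks the remaining ties."""
    return sorted(
        findings,
        key=lambda f: (f.cve not in exploited, not f.crown_jewel, -f.cvss),
    )

def exploited_covered(queue, exploited, capacity):
    """Count actively exploited findings that fit into the patch capacity."""
    return sum(1 for f in queue[:capacity] if f.cve in exploited)

def compare(findings, exploited, capacity):
    """Exploited findings closed under each strategy for one patch cycle."""
    return {
        "severity_first": exploited_covered(
            by_severity(findings), exploited, capacity),
        "exploitation_first": exploited_covered(
            by_exploitation(findings, exploited), exploited, capacity),
    }

if __name__ == "__main__":
    print(compare(FINDINGS, KNOWN_EXPLOITED, capacity=3))
    for f in by_exploitation(FINDINGS, KNOWN_EXPLOITED):
        print(f.cve, f.asset, f.cvss, f.cve in KNOWN_EXPLOITED)
```

With capacity for three patches per cycle, the severity-first queue spends all three on high-scoring findings nobody is exploiting, while the exploitation-first queue closes both exploited findings and still has one slot left for a crown-jewel asset.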