In the cybersecurity arms race, you have access to the same weapons as the bad guys. Just how well-armed are you now?
It’s an age-old adage of cyber defense that an attacker has to find just one weakness or exploit, but the defender has to defend against everything. The challenge of AI, when it comes to cybersecurity, is that it is an arms race in which weapons-grade AI capabilities are available to both attackers and defenders.
Cisco is one of the world’s largest networking companies. As such, it is on the front lines of defending against AI-powered cyberattacks.
Anand Raghavan: I’m Anand Raghavan, VP Products, AI for the AI Software and Platforms Group at Cisco. We focus on working with product teams across Cisco to bring together transformative, safe, and secure Gen AI-powered products to our customers.
Two products that we launched in the recent past are the Cisco AI Assistant which makes it easy for our customers to interact with our products using natural language, and Cisco AI Defense which enables safe and secure use of AI for employees and for cloud applications that organizations build for their customers.
AR: AI has completely changed the game for network security, enabling hackers to launch more sophisticated and less time-intensive attacks. They’re using automation to launch more personalized and effective phishing campaigns, which means employees may be more likely to fall for phishing attempts.
We’re seeing malware that uses AI to adapt to avoid detection from traditional network security tools. As AI tools become more common, they expand the attack surface that security teams need to manage and they exacerbate the existing problem of shadow IT.
Just as companies have access to AI to build new and interesting applications, bad actors have access to the same sets of technologies to create new attacks and threats. It has become more important than ever to use the latest in advancements in AI to be able to identify these new kinds of threats and to automate the remediation of these threats.
Whether it is malicious connections that can be stopped in real-time in the encrypted domain within our firewalls using our Encrypted Visibility Engine technology, or our language-based detectors of fraudulent emails in our Email Threat Defense product, it has become critical to understand the new attack surface of threats and how to protect against them.
With the advent of customer-facing AI applications, models and model-related vulnerabilities have become critical new attack surfaces. AI models can be the target of threats. Prompt injection or denial of service attacks may inadvertently leak sensitive data. The security industry has responded quickly to incorporate AI into solutions to spot unusual patterns and detect suspicious network activity. but it’s a race to stay one step ahead.
AR: In an evolving threat landscape, AI-powered security tools deliver continuous and self-optimizing monitoring at a scale that manual monitoring can’t match.
Using AI, a security team can analyze data from various sources across a company’s entire ecosystem and detect unusual patterns or suspicious traffic that could indicate a data breach. Because AI analyzes this data more quickly than humans, organizations can respond to incidents in near real-time to mitigate potential threats.
When it comes to threat monitoring and detection, AI offers security professionals a «better together» scenario where the human professionals get visibility and response times with the AI that they wouldn’t be able to achieve solo.
In a world where experienced top-level Tier 3 analysts in the SOC [security operations center] are harder to find, AI can be an integral part of an organization’s strategy to aid and assist Tier 1 and Tier 2 analysts in their jobs and drastically reduce their mean time to remediation for any new discovered incidents and threats.
Workflow automation for XDR [extended detection and response] using AI will help enterprises stay ahead of cyber adversaries.
AR: When you think about how quickly people have adopted AI applications, it’s off the charts. Within organizations, however, AI development and adoption isn’t moving as quickly as it could be because people still aren’t sure it’s safe or they aren’t confident they can keep it secure.
According to Cisco’s 2024 AI Readiness Index, only 29% of organizations feel fully equipped to detect and prevent unauthorized tampering with AI. Companies can’t afford to risk security by moving too quickly, but they also can’t risk being lapped by their competition because they didn’t embrace AI.
AI Defense enables and safeguards AI transformation within enterprises, so they don’t have to make this tradeoff.
