Jun 07 2023

How Will AI Affect Cybersecurity In Coming Years?

The power of artificial intelligence has been made clear. We asked Forcepoint CEO Manny Rivelo whether the criminals or the good guys will make better use of it over time.

These are heady days for cybersecurity professionals. Already charged with perhaps the most important job in business — protecting an organization’s data and its people from sophisticated criminals — they’re increasingly concerned about the implications of artificial intelligence on their ability to do that. The emergence of ChatGPT arrived like a thunderbolt, clarifying how powerful the young technology has already become.

What does it mean for the future of data protection? And what’s the state of cybersecurity today more broadly? At the recent RSA Conference on cybersecurity in San Francisco, BizTech Managing Editor Bob Keaveney sat down with Manny Rivelo, CEO of security leader Forcepoint, to discuss the industry’s path forward during a time of breathtaking change.

BIZTECH: We keep hearing about the implications of AI on security. Is that what you’re hearing the most about right now?

Well, when you saw ChatGPT come out, that week I was in Australia and New Zealand, and the conversation was all about that. A week prior, no one was talking about it, and then everyone was.

There’s no question it’s great tech. You can see the power of it, and it’s still in its infancy. About a month ago, one of our engineers decided he was going to try to write an undetectable zero-day malware attack without writing a single line of code, just by asking ChatGPT questions. He did it in two hours. And it was interesting, because after the first question he asked, ChatGPT was intelligent enough to come back and say, “I don’t provide that.” But if you disguise the question and come around the edge, he was able to get ChatGPT to write the code, and all that he did was stitch it together.

So, that’s the risk. These tools are getting smart, they’re getting more intelligent, and if we could access them and come up with something like that in two hours, what can an adversary do?

Click the banner below to unlock exclusive security content when you become an Insider.

BIZTECH: What’s your sense of how AI will affect security over the next few years?

You’re going to see AI in more tools. It can go through an incredible amount of information and then create some business logic around that that could prevent a vulnerability. When you’re looking for a needle in a haystack, AI is a very powerful tool. It can see huge amounts of data in real time and then analyze and triangulate situations.

For example, we use AI in our tools; we use it to dynamically classify information. We look at the data you have, and through AI and ML, we identify what’s confidential, and then monitor that. You’re going to see a lot more of that capability inside the tools to do a lot of the heavy lifting.

But it can also be used for evil. The key point is that organizations are going to have to adapt to it. If we were having this conversation 15 years ago, you’d be asking, “What do you think of the cloud?”

Now, everyone uses the cloud. It’ll be the same with AI. You’ll continue to see it evolve, and there will be the next evolution of tech behind that. So, the world’s going to get more interesting.

BIZTECH:  On net, is AI good, bad or a push for security?

I think it’s a push. It can be used to create concerns. The biggest is data exfiltration, but there are technologies to protect against that.

For example, we as a company have strong data protection capabilities. We make sure that when you do ask it a question, we prevent protected data from flowing out. And that’s really what the hackers want, to take advantage of your data to hold you hostage. There are answers for that. That’s why I think there’s also a renaissance around data protection, because the capability of exfiltrating data has continued to grow.

Your data is no longer just inside your enterprise. Data is everywhere. It’s in your devices, it’s in Software as a Service (SaaS) apps, it’s in cloud apps.

LEARN MORE: What IT leaders need to know before, during and after a ransomware attack.

BIZTECH: Beyond AI, what are you hearing from customers in terms of what their top concerns are now?

The industry is getting smarter. We used to look at things from the perspective of, “I have a security hole, how do I fix it?” And that’s still an issue. But at the end of the day, people are going to chase productivity: “How do I empower my employees to be more productive?”

At the same time, there’s a discussion around ROI. These new architectures, secure access service edge and zero-trust architectures, also have the capability of not only delivering better security and better productivity but also of producing better ROI.

We’re going from buying point products to buying a suite of solutions, a platform. It’s a better-balanced conversation I’m seeing from CIOs and CISOs, where they are saying, “I know I have to chase productivity and I know I have to improve security, but can I also save money along the way?” That’s what’s interesting about this SASE, zero-trust architecture: You can get all three.

BIZTECH: Can you give some examples of how SASE and zero trust deliver that?

One simple example with productivity is the ability to use a managed or unmanaged device, the ability to work from home, the ability to have data in the cloud — liberation of how users work.

The concept of ROI is that if you’re able to consolidate the technology into fewer point solution vendors, there’s a savings there because you have fewer management consoles and fewer conversations about how to make security work. A lot of our customers tell us, “If we put you in, you have to take two out.” The platform enables you to do that.

A good use case is that we’re able to take data policy — how do you want to manage your data? — and in one place, put that policy out for all your users and all your apps and push that across all channels. What I mean by a channel is things like your USB, your Wi-Fi port, your printer port. We’re also able to push it across SaaS applications, your private applications, services in your data center, your email and across the web so all your searches and everything you’re doing online has protection.

The big conflict in security is, “How do I enable more of the protection quickly? How do I simplify it?” The platform enables you to do that because you’re not dealing with point technologies, you’re dealing with an integrated platform.

EXPLORE: How cybercriminals use AI in their attacks and how to defend against it.

BIZTECH: What are the emerging vulnerabilities that organizations are worried about?

I don’t know that there’s anything new and emerging. We still get phishing attacks. We still get zero-day viruses and malware. However, the hackers are getting more sophisticated. We’re seeing a lot of steganography, for example, which is hiding malware or viruses in images. Think of a big jpeg; you could very easily insert code in that, and it’s very difficult to see.

BIZTECH: Where are we right now in security overall? Are things getting better or worse?

I can’t say it’s getting better or worse; it’s a cat and mouse game, where the adversaries are finding vulnerabilities, the enterprises close them, then they go and find another. That trend continues, and it will forever. The attacks we see happen because enterprises need additional vehicles to drive their productivity.

Cybersecurity is a very large part of the creation of the internet, and as we’ve evolved the internet from very simple tools to more advanced capabilities, such as leveraging the cloud and so forth, new attack vectors are created. Attackers exploit those, we find solutions, enterprises consume those solutions and that world continues.

DISCOVER: Why plug-and-play switches and routers must be configured for security.

BIZTECH: How can security teams understand how well the security solutions they’re deploying are working?

That’s a great question. We just launched a product that we call Insights, and it’s exactly that. Any CFO can tell you how much they spend on security. The question is, what do you get for it? Insights is a tool that tells you what it’s preventing from happening inside your enterprise every time it catches malware or an exfiltration.

It’s telling you about your data: Where is it, how much is it protecting? And it even has an ROI calculator in it because we know that every time we stop a piece of malware from reaching your desktop, if it had hit your desktop and your desktop needed to be reimaged, it will cost the company $350. We’re trying to give the business a tool to visualize what it’s getting out of security.

Photography by Rick Dahms

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT