AWS re:Invent 2023: How AI Is Impacting the State of Cloud Security

The cybersecurity landscape is currently shifting in response to the implementation of artificial intelligence in cloud security.

LISTEN

Your browser doesn’t support HTML5 audio

Cybersecurity is constantly evolving, as IT leaders must anticipate the changing methods of cybercriminals, who will exploit every new opportunity in to gain access to valuable and sensitive data.

At this year’s AWS re:Invent conference in Las Vegas, Amazon Chief Security Officer Steve Schmidt spoke about the complicated role of the security professional. “To me, it’s playing chess while practicing psychology, because in order to win at this game, you have to stay focused on the board, paying attention to how the pieces move, how they interact. You have to try to determine your opponent’s strategy, and then predict their moves and adjust your strategy and response.”

Schmidt noted that cybersecurity has both technical and human elements at play, “with the only constant amongst everything being change.”

“Security is not simple cause and effect; security is a weave of overlapping layers,” he said. “And each of those layers is constantly shifting and evolving. You, as a security professional, need to try and account for this complexity in this complex tapestry that’s around you. Our adversaries, of course, are constantly evolving what they do and adapting as well. They’re improving their techniques and the tools they use to attempt to disrupt our businesses. You have to predict, anticipate, adapt and ultimately react to these changes in what’s going on around you.”

Click the banner to learn how your organization can improve its ransomware recovery and defense.

How AWS Offerings Can Boost Observability

In a separate session at the event, Dilip Kumar, vice president of AWS applications for Amazon Web Services, noted that “most organizations use somewhere between 50 to 100 SaaS applications on a regular basis. Now, while this has been super popular with employees, it is not necessarily as popular for IT administrators or security professionals working at companies, because they lose the ability for observability, which is a critical part of the job.”

To help its customers contend with this proliferation of apps, AWS announced AWS AppFabric earlier this year. Kumar explained that AppFabric allows AWS to connect multiple SaaS applications and normalize all log formats so that the individual Software as a Service applications don’t have to do it, thereby connecting the apps to the security platforms that the organization is using.

“So, if you’re a security professional in a company, or if you’re an IT administrator, you get the level of observability that you’ve always wanted,” he said. “But now you can do this without any of the unnecessarily heavy lifting. There’s a reason why AppFabric has become very popular very quickly with customers: it’s because it specifically hit on what IT administrators and security professionals have been craving.”

DIVE DEEPER: Find out how automation can drive efficiency for your organization.

How AI Can Be Leveraged to Improve Security

While there are legitimate fears about how cybercriminals will leverage artificial intelligence to execute more sophisticated attacks, the technology can also be used to help anticipate, prevent and remediate after attacks.Combining sophisticated tooling with skilled engineers is highly effective because it puts people in a position to make the nuanced decisions that are required for security,” Schmidt said.

“No matter what you might hear in marketing somewhere else, AI cannot do that on its own. Let me be clear: AI is one of those technologies that allows us to make a leap forward and it will impact all layers of our security. It helps our people be more efficient and more effective. It’s already radically changing our business and how it works. And when used as a complement to other tools with appropriate human review, it can help security controls be more effective,” he said.

In a related session, Emily Mossburg, global cyber leader at Deloitte, said, “Coming from a cyber point of view at Deloitte, our ‘impossible’ is a world where cyberattacks are no longer credible threats. And I really believe that we can move closer to that direction through building secure environments where customers and partners can share security, data, threat intelligence, and we can power those environments with generative AI and machine learning models. Those models will help make getting to security autonomy a reality.”

There’s a limited tech talent pool that we’re all competing for, and we’re constantly looking for the right people on the security side.”
Arno Van Der Walt

Senior Vice President and CISO, Marriott International

“The challenge that we have today is that there are not enough security experts. We have a ton of data, but we don’t have enough information. And we have a number of disparate solutions and vendors making cyber very complex and very expensive,” Mossburg continued. “We need to unify and simplify what we’re doing in the cyber space. We need to be able to quickly identify new threat vectors and move rapidly to remediation. And most importantly, we need to be able to recover important critical business processes and functions and drive resiliency into our organizations.”

Arno Van Der Walt, senior vice president and CISO at Marriott International, joined the conversation with his recommendations. “First of all, find a way to connect your cyber strategy with your business outcomes,” he said. “We’re all facing the same challenges as information security professionals. What we do happens largely behind the scenes. And it’s so pivotal to maintain the trust of our consumers for our brands and our products.”

Noting the increased frequency and sophistication of cyberattacks, Van Der Walt noted that skilled talent is scarce. “The fact is that we just can’t scale out with people. There’s a limited tech talent pool that we’re all competing for, and we’re constantly looking for the right people on the security side,” he said. “We’re also looking at ways to complement their capabilities. By using AI and automation, for example, we’re finding ways to leverage business data and security telemetry to accelerate threat hunting and to improve and be more efficient in identifying fraud in our environments. This is all made possible by bringing together business and security data.”

AWS Continues to Enhance Its AI Security Offerings

Schmidt touted the ways in which AWS has advanced its security tools to help customers protect themselves and their data. “When it comes to AI, our guiding tenet is simple: Your data is just that, yours,” he said. “This is the approach we took with the customization capability available to customers of Amazon CodeWhisperer. This feature allows customers to securely connect CodeWhisperer to their internal code stores to create multiple customizations.”

Along with CodeWhisperer, AWS introduced enhanced security features as part of Bedrock and Amazon Virtual Private Cloud. No matter which service you’re using, Schmidt said, “AWS provides the choice of controls and services that will help you meet your data privacy and security needs.”

“We’ve been using and building AI solutions at Amazon for a very long time now,” he said. “We have a large number of internal AI solutions that we use to deliver your services.”

Keep this page bookmarked for articles from the event, and follow along on X (formerly Twitter) at @BizTechMagazine and the official conference twitter feed, @AWSreInvent.