AI Revolutionizes Network Security: Insights from Black Hat USA 2024
2 Sources
2 Sources
[1]
AI transforms network security amid remote work challenges - SiliconANGLE
AI transforms network security amid remote work challenges The world of network security is being greatly impacted by artificial intelligence, the rise of the data lake and the ramifications of a pandemic that forced companies to adopt a remote work model. Hewlett Packard Enterprise Co. recently acquired Juniper Networks to meet this tough transition in cybersecurity, with an emphasis on deploying AI. "It's a tough life to be a CISA right now ... our thesis is that it's really about AI. It's really about taking the things that we can do as HPE Aruba Networking, leverage our network background, the switches we have, the APs we have, the intelligence that we have put into these devices," said John Spiegel (pictured), SASE field chief technology officer at HPE. "How do we leverage those and take the telemetry from those devices, put it into our central platform, and then start to provide insights, recommendations, understand what the device does, what is its meaning, what is its purpose, what's the why behind it, and then start to apply policy or at least recommend policy based on that?" Spiegel spoke with theCUBE Research's John Furrier at the Black Hat USA event, during an exclusive broadcast on theCUBE, SiliconANGLE Media's livestreaming studio. They discussed how AI is changing cybersecurity and network architecture. (* Disclosure below.) The cybersecurity space is experiencing a workforce shortage due to the rise of AI and the expansion of the Internet of Things. This IoT network encompasses connections between devices embedded in everyday objects and the cloud. "We're seeing a proliferation of devices. And it's not just within the factories or manufacturing, it's actually in the office itself ... that is one of the biggest challenges right now in my mind," Spiegel. "We can start to leverage AI to target, understand, profile these devices but then make sense of it. The humans have a hard time at scale, and I think that's really where the opportunity is." Since the pandemic, many workers have continued to stay remote, prompting a shift in network security. Team members have to be protected on their devices and when they visit a campus, but figuring out how to construct a network that is fully secured is a complex task. "Network's all about optimizing, making things faster, moving those packets as quickly as possible from point A to point. B. Security, on the other hand, is all about looking at it, inspecting it, understanding the risk ... you got to really kind of bring them together," Spiegel said. "And inserting what I call legacy devices inside there that basically inspect them all the time, I think is the wrong approach. We got to work together. And that's really where we feel there's an opportunity and an advantage to leverage tools like AI." HPE has developed a Network Detection Response technology that uses telemetry from its network's data lake to train AI models for securing edge devices. This innovation enhances coverage across a campus and its branches. "There's a huge opportunity right now to rethink the network from a data center layer perspective. You need low latency, you need non-blocking to make AI successful, and then you start to see what happens next. The AI co-pilots are now moving over to laptops and those PC devices," he said. "Then tying it together with a centralized control mechanism like we have with HPE Aruba Networking. And it also starts to address some of the challenges with the workforce."
[2]
Darktrace AI: Leading the charge in advanced cybersecurity defense - SiliconANGLE
Darktrace AI: The vanguard of cyber defense based on continuous learning and advanced threat detection Even though artificial intelligence has incredible potential to augment the current cyber workforce and expand situational awareness, comprehensive integrations are needed for enhanced visibility, as evidenced by Darktrace AI, that continuously learns daily business operations. As the speed, efficacy, sophistication and scale of cyber attacks continues to grow, Darktrace AI easily spots abnormality by boosting incident detection, cyber resilience and threat vulnerability prioritization since it continuously learns the unique digital fingerprint of a business in real time, according to Nicole Carignan (pictured), vice president of strategic cyber AI at Darktrace Holdings Ltd. "We already have an incredible unsupervised machine learning engine that understands the entire digital estate across multiple domains," Carignan said. "We use graph theory with infection-based modeling to understand which assets are the most exposed, vulnerable, damaging or critical, and prioritizing that to nest hardening mitigations. We had two customers who were observing anomalous activity on their Palo Alto firewalls because we had such a great technical integration with them." Carignan spoke with theCUBE Research's Savannah Peterson at the Black Hat USA event, during an exclusive broadcast on theCUBE, SiliconANGLE Media's livestreaming studio. They discussed why continuous learning is crucial for enhanced cyber resilience, as evidenced by Darktrace AI. It is fundamental to recognize that humans cannot be the last line of defense when it comes to deepfakes. This is because a National Institutes of Health study showed that humans have a 50% accuracy of detecting deepfake imagery, presenting a strong case for machine-learning tools, such as Darktrace AI, Carignan stated. "We really need to facilitate the use of targeted machine learning techniques that could be accomplished at detecting anomalous behavior," she said. "There are RNNs and CNNs, neural networks that can be trained on pattern recognition of facial signals and biological signals that could help facilitate the detection of deepfakes. We can't rely on humans to be that defense, we need to augment them with machine learning techniques and detection." Cyber crime as a service continues to explode as showcased by Darktrace's latest threat report. As a result, it will take a growing arsenal of defensive AI to effectively protect organizations in the age of offensive AI, making Darktrace AI important, according to Carignan. "Third year in a row, cyber crime-as-a-service, ransomware-as-a-service, malware-as-a-service were the highest," she stated. "We're starting to see this global shift across different countries, where they're starting to regulate whether or not you can pay ransoms anymore. This is going to drastically impact the economic ecosystem for financially motivated threat actors." Phishing attacks' efficacy and volume are growing exponentially. This is because threat actors are using more sophisticated tactics, techniques and procedures designed to evade traditional security parameters, Carignan pointed out. "We saw in the first six months of this year over 17 million phishing emails across our customer fleet," she explained. "Thirty three percent of them had very sophisticated social engineering to include multiple types of phishing that go well beyond the inbox-like teams phishing, dropbox phishing, QR phishing."
Share
Share
Copy Link
AI is transforming network security, as highlighted at Black Hat USA 2024. Experts discuss the potential of AI in threat detection and response, while also addressing concerns about AI-powered attacks.
AI's Growing Role in Cybersecurity
The landscape of network security is undergoing a significant transformation, with artificial intelligence (AI) at the forefront of this change. At Black Hat USA 2024, cybersecurity experts and industry leaders gathered to discuss the profound impact of AI on network security, highlighting both its potential benefits and challenges
1
.Enhanced Threat Detection and Response
One of the primary advantages of AI in network security is its ability to dramatically improve threat detection and response times. AI-powered systems can analyze vast amounts of data in real-time, identifying patterns and anomalies that might escape human analysts. This capability allows for faster and more accurate detection of potential security breaches, enabling organizations to respond swiftly to emerging threats
1
.AI-Powered Attacks: A Double-Edged Sword
While AI offers significant benefits for defense, it also presents new challenges. Cybercriminals are increasingly leveraging AI to enhance their attack strategies, making them more sophisticated and harder to detect. This dual nature of AI in cybersecurity has sparked intense discussions among experts about the need for advanced AI-driven defense mechanisms to counter these evolving threats
1
.Darktrace's AI-Driven Approach
Darktrace, a leading cybersecurity company, showcased its AI-powered solutions at Black Hat USA 2024. The company's approach leverages machine learning algorithms to create a unique understanding of each organization's digital environment. This allows for the detection of subtle deviations that could indicate a security threat, even if it's a never-before-seen attack
2
.Autonomous Response Capabilities
A key feature of Darktrace's AI system is its ability to autonomously respond to threats. When a potential security breach is detected, the AI can take immediate action to contain the threat, such as isolating affected systems or blocking suspicious traffic. This rapid response capability is crucial in minimizing damage from cyberattacks, especially in scenarios where every second counts
2
.Related Stories
Challenges and Ethical Considerations
Despite the promising advancements, the integration of AI in network security is not without challenges. Experts at Black Hat USA 2024 emphasized the need for careful consideration of ethical implications, particularly regarding data privacy and the potential for AI systems to be manipulated or misused. Striking a balance between powerful AI-driven security and responsible use of technology remains a key focus for the industry
1
.Future Outlook
As AI continues to evolve, its role in network security is expected to grow even further. Industry leaders predict that AI will become an indispensable tool in the cybersecurity arsenal, enabling more proactive and adaptive defense strategies. However, they also stress the importance of ongoing research and development to stay ahead of AI-powered threats and ensure the responsible deployment of these technologies in safeguarding digital assets
1
2
.References
Summarized by
Navi
Related Stories
Weekly Highlights
1
Anthropic Secures $13B in Funding, Reaching $183B Valuation Amid AI Industry Boom
Business and Economy
2
OpenAI Partners with Broadcom to Develop Custom AI Chips, Challenging Nvidia's Dominance
Technology
3
Tesla Proposes $1 Trillion Pay Package for Elon Musk, Tied to Ambitious AI and Robotics Goals
Business and Economy
Weekly Highlights
Explore today's top stories
Your Daily Dose of Curated AI News
Don’t drown in AI news. We cut through the noise - filtering, ranking and summarizing the most important AI news, breakthroughs and research daily. Spend less time searching for the latest in AI and get straight to action.
