It is an age-old adage of cyber protection that an attacker has to search out only one weak point or exploit, however the defender has to defend towards the whole lot. The problem of AI, in the case of cybersecurity, is that it’s an arms race by which weapons-grade AI capabilities can be found to each attackers and defenders.
Cisco is without doubt one of the world’s largest networking corporations. As such, it’s on the entrance strains of defending towards AI-powered cyberattacks.
On this unique interview, ZDNET sits down with Cisco’s AI merchandise VP, Anand Raghavan, to debate how AI-powered instruments are revolutionizing cybersecurity and increasing organizations’ assault surfaces.
ZDNET: Are you able to briefly introduce your self and describe your position at Cisco?
Anand Raghavan: I am Anand Raghavan, VP Merchandise, AI for the AI Software program and Platforms Group at Cisco. We concentrate on working with product groups throughout Cisco to deliver collectively transformative, secure, and safe Gen AI-powered merchandise to our clients.
Two merchandise that we launched within the latest previous are the Cisco AI Assistant which makes it straightforward for our clients to work together with our merchandise utilizing pure language, and Cisco AI Protection which permits secure and safe use of AI for workers and for cloud functions that organizations construct for his or her clients.
ZDNET: How is AI remodeling the character of threats enterprises and governments face on the community degree?
AR: AI has utterly modified the sport for community safety, enabling hackers to launch extra subtle and fewer time-intensive assaults. They’re utilizing automation to launch extra personalised and efficient phishing campaigns, which implies workers could also be extra more likely to fall for phishing makes an attempt.
We’re seeing malware that makes use of AI to adapt to keep away from detection from conventional community safety instruments. As AI instruments grow to be extra widespread, they broaden the assault floor that safety groups must handle and so they exacerbate the prevailing downside of shadow IT.
Simply as corporations have entry to AI to construct new and fascinating functions, dangerous actors have entry to the identical units of applied sciences to create new assaults and threats. It has grow to be extra essential than ever to make use of the most recent in developments in AI to have the ability to establish these new sorts of threats and to automate the remediation of those threats.
Whether or not it’s malicious connections that may be stopped in real-time within the encrypted area inside our firewalls utilizing our Encrypted Visibility Engine expertise, or our language-based detectors of fraudulent emails in our E mail Menace Protection product, it has grow to be crucial to know the brand new assault floor of threats and learn how to shield towards them.
With the arrival of customer-facing AI functions, fashions and model-related vulnerabilities have grow to be crucial new assault surfaces. AI fashions may be the goal of threats. Immediate injection or denial of service assaults could inadvertently leak delicate information. The safety trade has responded shortly to include AI into options to identify uncommon patterns and detect suspicious community exercise. nevertheless it’s a race to remain one step forward.
ZDNET: How do AI-driven instruments assist enterprises keep forward of more and more subtle cyber adversaries?
AR: In an evolving menace panorama, AI-powered safety instruments ship steady and self-optimizing monitoring at a scale that handbook monitoring cannot match.
Utilizing AI, a safety crew can analyze information from varied sources throughout an organization’s complete ecosystem and detect uncommon patterns or suspicious visitors that might point out a knowledge breach. As a result of AI analyzes this information extra shortly than people, organizations can reply to incidents in close to real-time to mitigate potential threats.
In relation to menace monitoring and detection, AI provides safety professionals a “higher collectively” situation the place the human professionals get visibility and response occasions with the AI that they would not have the ability to obtain solo.
In a world the place skilled top-level Tier 3 analysts within the SOC [security operations center] are more durable to search out, AI may be an integral a part of a company’s technique to assist and help Tier 1 and Tier 2 analysts of their jobs and drastically scale back their imply time to remediation for any new found incidents and threats.
Workflow automation for XDR [extended detection and response] utilizing AI will assist enterprises keep forward of cyber adversaries.
ZDNET: Clarify AI Protection, and what’s the fundamental downside it goals to resolve?
AR: When you concentrate on how shortly folks have adopted AI functions, it is off the charts. Inside organizations, nonetheless, AI improvement and adoption is not transferring as shortly because it might be as a result of folks nonetheless aren’t positive it is secure or they are not assured they will preserve it safe.
In response to Cisco’s 2024 AI Readiness Index, solely 29% of organizations really feel absolutely geared up to detect and forestall unauthorized tampering with AI. Firms cannot afford to threat safety by transferring too shortly, however additionally they cannot threat being lapped by their competitors as a result of they did not embrace AI.
AI Protection permits and safeguards AI transformation inside enterprises, so they do not must make this tradeoff. Sooner or later, there will probably be AI corporations and corporations which are irrelevant.
Serious about this problem at a excessive degree, AI poses two overarching dangers to an enterprise. The primary is the danger of delicate information publicity from workers misusing third-party AI instruments. Any mental property or confidential data shared with an unsanctioned AI software is inclined to leakage and exploitation.
The second threat is expounded to how companies develop and deploy their very own AI functions. AI fashions have to be shielded from threats reminiscent of immediate injections or coaching information poisoning, in order that they proceed to function the best way that they’re supposed and are secure for purchasers to make use of.
Cisco AI Protection addresses each areas of AI threat. Our AI Entry answer provides safety groups a complete view of third-party AI functions in use and permits them to set insurance policies that restrict delicate information sharing or prohibit entry to unsanctioned instruments.
For companies creating their very own AI functions, AI Protection makes use of algorithmic pink crew expertise to automate vulnerability assessments for fashions.
After figuring out these dangers in seconds, AI Protection offers runtime guardrails to maintain AI functions protected towards threats like immediate injections, information extraction, and denial of service in real-time.
ZDNET: How does AI Protection differentiate itself from current safety frameworks?
AR: The protection and safety of AI is a large new problem that enterprises are solely simply starting to take care of. In any case, AI is essentially totally different from conventional functions and current safety frameworks do not essentially apply in the identical methods.
AI Protection is purpose-built to guard enterprises from the dangers of AI software utilization and improvement. Our answer is constructed on Cisco’s personal customized AI fashions with two fundamental ideas: steady AI validation and safety at scale.
In relation to securing conventional functions, corporations use a pink crew of human safety professionals to attempt to jailbreak the app and discover vulnerabilities. This strategy would not present anyplace close to the size wanted to validate non-deterministic AI fashions. You’d want groups of 1000’s working for weeks.
Because of this AI Protection makes use of an algorithmic pink teaming answer that repeatedly displays for vulnerabilities and recommends guardrails when it finds them. Cisco’s platform strategy to safety signifies that these guardrails are distributed throughout the community and the safety crew will get whole visibility throughout their AI footprint.
ZDNET: What’s Cisco’s imaginative and prescient for integrating AI Protection with broader enterprise safety methods?
AR: Cisco’s 2024 AI Readiness Index confirmed that whereas organizations face mounting strain to undertake AI, most organizations are nonetheless not able to seize AI’s potential and lots of lack consciousness round AI safety dangers.
With options like AI Protection, Cisco is enabling organizations to unlock the advantages of AI and achieve this securely. Cisco AI Protection is designed to handle the safety challenges of a multi-cloud, multi-model world by which organizations function.
It provides safety groups visibility and management over AI functions and is frictionless for builders, saving them time and assets to allow them to concentrate on innovating.
When a company is seeking to undertake AI, each for workers and to construct customer-facing functions, their adoption lifecycle has the next steps:
- Visibility: Perceive what instruments are being utilized by workers, or what fashions are being deployed of their cloud environments.
- Validation: Monitor and validate fashions operating of their cloud environments and assess their vulnerabilities and establish guardrails as compensating controls for these vulnerabilities.
- Runtime safety: When these fashions get deployed in manufacturing, monitor all prompts and responses, and apply security, safety, privateness, and relevance guardrails to those prompts and responses to make sure that their clients have a secure and safe expertise interacting with these cloud functions.
These are the core areas that AI Protection helps as a part of its capabilities. Enforcement can occur in a Safe Entry or SASE [secure access service edge] product for worker safety, and enforcement for cloud functions can occur in a Cloud Safety Suite software like Cisco Multicloud Protection.
ZDNET: What methods ought to enterprises undertake to mitigate the dangers of adversarial assaults on AI programs?
AR: AI functions introduce a brand new class of safety dangers to a company’s tech stack. In contrast to conventional apps, AI apps embody fashions, that are unpredictable and non-deterministic. When fashions do not behave as they’re alleged to, they can lead to hallucinations and different unintended penalties. Fashions may fall sufferer to assaults like coaching information poisoning, immediate injection, and jailbreaking.
Mannequin builders and builders will each have safety layers in place for AI fashions, however in a multi-cloud, multi-model system, there will probably be inconsistent security and safety requirements. To guard towards AI tampering and the danger of information leakage, organizations want a standard substrate of safety throughout all clouds, apps, and fashions.
This turns into much more essential when you will have fragmented accountability throughout stakeholders — mannequin builders, app builders, governance, threat, and compliance groups.
Having a standard substrate when it comes to an AI safety product that may monitor and implement the proper set of guardrails that shield throughout all classes of AI security and safety as outlined by requirements reminiscent of MITRE ATLAS and OWASP LLM10 and NIST RMF turns into important.
ZDNET: Might you share a real-world situation or case research the place AI Protection may stop a crucial safety breach?
AR: As I discussed, AI Protection covers the 2 fundamental areas of enterprise AI threat: the utilization of third-party AI instruments and the event of latest AI functions. Let’s take a look at incident situations for every of those use instances.
Within the first situation, an worker shares details about a few of your clients with an unsanctioned AI assistant for assist making ready a presentation. This confidential information can grow to be codified within the AI’s retraining information, that means it may be shared with different public customers. AI Protection can restrict this information sharing or prohibit entry to the unsanctioned instrument fully, mitigating the danger of what would in any other case be a devastating privateness violation.
Within the second situation, an AI developer makes use of an open-source basis mannequin to create an AI customer support assistant. They fine-tune it for relevance however inadvertently weaken its built-in guardrails. Inside days, it is hallucinating incorrect responses and turning into extra inclined to adversarial assault. With steady monitoring and vulnerability testing, AI Protection would establish the flaw within the mannequin and apply your most popular guardrails mechanically.
ZDNET: What rising developments in AI safety do you foresee shaping the way forward for cybersecurity?
AR: One crucial facet of AI in safety is that we’re seeing exploit occasions lower. Safety professionals have a shorter window than ever between when a vulnerability is found and when it’s exploited by attackers.
As AI makes cybercriminals sooner and their assaults extra environment friendly, it is more and more pressing that organizations detect and patch vulnerabilities shortly. AI can considerably velocity up the detection of vulnerabilities so safety groups can reply in actual time.
Deepfakes are going to be a large safety concern over the subsequent 5 years. In some ways, the safety trade is simply preparing for deepfakes and learn how to defend towards them, however this will probably be a crucial space of vulnerability and threat for organizations.
The identical manner denial-of-service assaults had been a significant concern 10 years in the past and ransomware has been a crucial menace in newer years, deepfakes are going to maintain loads of safety professionals up at evening.
ZDNET: How can governments and enterprises collaborate to construct strong AI safety requirements?
AR: By working collectively, governments and the non-public sector can faucet right into a deep pool of information and vast spectrum of views to develop finest practices in a shortly evolving threat panorama of AI and safety.
Final yr, Cisco labored with the Cybersecurity and Infrastructure Safety Company’s (CISA) Joint Cyber Protection Collaborative (JCDC), which introduced collectively trade leaders from a few of the largest gamers in tech, reminiscent of OpenAI, Amazon, Microsoft, and Nvidia, and authorities businesses to collaborate with the purpose of enhancing organizations’ collective potential to answer AI-related safety incidents.
We participated in a tabletop train and collaborated on the lately launched “AI Safety Incident Collaboration Playbook,” which is a information for collaboration between authorities and personal trade.
It provides sensible, actionable recommendation for responding to AI-related safety incidents and steering on voluntarily sharing data associated to vulnerabilities related to AI programs.
Collectively, authorities and the non-public sector can elevate consciousness of safety dangers dealing with this crucial expertise.
ZDNET: How do you see AI bridging the hole between cyberattack prevention and incident response?
AR: We’re already seeing AI-enabled safety options ship steady and scalable monitoring that helps human safety groups detect suspicious community exercise and vulnerabilities.
We’re within the stage the place AI is a useful instrument that offers safety professionals higher visibility and proposals on how to answer safety incidents.
Finally, we’ll attain some extent the place AI can mechanically deploy and implement safety patches with oversight from a human safety skilled. The advantages, in a nutshell, are continuity (all the time monitoring), scalability (as your assault floor grows, AI helps you handle it), accuracy (AI can detect much more refined indicators {that a} human may miss), and velocity (sooner than handbook assessment).
Are you ready?
AI is remodeling cybersecurity, however are enterprises really ready for the dangers it brings? Have you ever encountered AI-driven cyber threats in your group?
Do you assume AI-powered safety options can keep forward of more and more subtle assaults? How do you see the stability between AI as a safety instrument and a possible vulnerability?
Are corporations doing sufficient to safe their AI fashions from exploitation? Tell us within the feedback beneath.
You may comply with my day-to-day undertaking updates on social media. Make sure to subscribe to my weekly replace e-newsletter, and comply with me on Twitter/X at @DavidGewirtz, on Fb at Fb.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, on Bluesky at @DavidGewirtz.com, and on YouTube at YouTube.com/DavidGewirtzTV.
