Photo | Courtesy of Towerwall
Janelle Drolet is vice president of operations and sales for Towerwall, a cybersecurity consulting firm based in Framingham.
Updated: 4 hours ago
Advice
10 Things I know about ... AI security
By Janelle Drolet
10) AI cuts both ways. Cybercriminals are leveraging AI to automate attacks and evade detection. However, defensive AI systems are coming online to supercharge threat detection and response services.
9) Shadow AI. Unauthorized company use of AI tools like ChatGPT is known as shadow AI. Advocate for responsible AI use, consider ethical governance frameworks, and draft employee-use policies.
8) Trust zero trust. Today's businesses have a lot of digital front doors. Zero trust says, "Prove you are who you say you are, every single time."
7) Build resilience. The goal is to minimize downtime and recover quickly when a breach occurs. AI can supercharge this strategy by analyzing network traffic to flag unusual activity, automate zero-trust verification, and suggest micro-segmentation strategies.
6) Third-party risk. A proactive third-party risk management program can assess and manage vendor security.
5) Beware of ransomware. Ransomware has grown more sophisticated, moving beyond simple data encryption to double and triple extortion tactics. AI-based security automation can detect and respond to these complex attacks in real time, often before they cause greater damage.
4) Immutable backups. They provide an unchangeable copy of your data, guaranteeing that you can always restore your systems without paying the ransom.
3) Abide compliance. With upcoming AI governance rules that will eventually be enforced, companies face complex compliance challenges. Implementing governance, risk, and compliance platforms can help centralize compliance tracking and validation.
2) Fight AI with AI. Use AI to help detect unusual behavior and security gaps that a human might miss.
1) Bridge the skills gap. Collaborate with universities and cybersecurity groups to recruit new talent. Recruit outside experience by hiring a temporary virtual chief information security officer to get started with a program.
WBJ Web Partners
Most Recent
Most Recent
0 Comments