“If I am talking about artificial intelligence (in cybersecurity), these techniques help improving management — its collecting, co-relating lot of data, working on it, fixing it and giving actionable intelligence to work on,” Delzad Mirza, Chief Information Security and Data Protection Officer at Shapoorji Pallonji Group said during a session of the Cyber Warfare Symposium 2021.
In a panel on the application of AI and machine learning in cybersecurity, Mirza, who was accompanied by Sanil Nadkani – CISO at Byju’s FutureSchool, Vasudevan Nair – CISO and Head of IT at Writer Corporation, and Pawan Chawla – CISO at Future General Life Insurance, discussed AI’s role in threat detection, patching activities, and more.
Offensive guys are one step ahead: Mirza
Cybersecurity is labour intensive: “Traditionally if I look at cybersecurity, it is always and is a feat dominated by resource-intensive efforts. We need big teams, and everyone has to do a specific job that is manual; they need to rack their brains; there is data overload; So it is very labour intensive,” Mirza said.
Defence actors are slow: Since there are a lot of steps involved when it comes to monitoring cybersecurity threats, threat hunting, and vulnerability management, Mirza said that “defensive guys” are slow. Defensive actors were defined by the panelists as organisations and entities defending their critical infrastructure.
“That’s why the defensive guys are a bit slow, whilst the offensive guys are a one step ahead because they dont need to do that (resource-intensive work). They (offensive actors) just need to find a loophole and create chaos for us,” he added.
AI has been key in automating cybersecurity processes:
We have been seeing a trend of artificial intelligence in the past few years. And we are getting substantial benefits to our domain by automating key manual tasks, menial tasks. One just has to train, address and configure it (the algorithm) properly — Mirza
Mirza said that AI has been helping in —
- Vulnerability management
- Patch Tuesdays
- Patch Oracle,
- Patch Adobe, and so on.
AI in cybersecurity is a double-edged sword: Mirza elaborated on a situation wherein if the AI algorithm is trained with wrong data, then it returns wrong results. “If you mark a spam email as a good email, how will the AI going to realise what’s right and what’s wrong?” he questioned.
Crypto without oversight is a threat to sovereignty: Maharashtra IGP Brijesh Singh
On the first day of the Cyber Warfare Symposium 2021, Maharashtra Inspector General of Police (IGP) Brijesh Singh highlighted the threat of adversary states controlling the economy by exploiting vulnerabilities in cryptocurrencies:
Imagine an adversary state. If it finds a technical solution to attack the cryptocurrencies or dominates the flow of cryptocurrencies in your region, then they would be very well able to control your economy… So in a linked economy, if you have a kind of currency which is just based on speculation and has no control of the central banks anywhere, then it is a huge threat to the sovereignty of nation States. – Brijesh Singh
As an example, Singh pointed out that Pakistan used to print currency notes and send them to India to cause inflation as a means of economic warfare. “Imagine how easy that becomes if you have a cryptocurrency,” Singh added.
Have something to add? Post your comment and gift someone a MediaNama subscription.