Preparing for the AI Revolution
Virgil Michael, CISSP, Executive Director of IT, Hoiana Resort and Golf (Vietnam)
Virgil Michael, CISSP, Executive Director of IT, Hoiana Resort and Golf (Vietnam)
Before Artificial Intelligence (AI), remote meetings, virtual space, mobile phones, and self-driving cars, there were Star Wars, Star Trek, and Knight Rider. If Hollywood is anything to go on, it is an indication of how innovation allows humanity to let go of mediocre tasks and do more complex things.
AI is like an Olympic gymnast. If it can be trained, it can be perfected to do certain tasks. Even though AI can create art and music, it is currently not thought to be fully sentient. By the perfection of certain tasks, now done through AI, businesses may optimize processes, improve customer centricity, and increase productivity.
AI is also being weaponized. Some examples include autonomous fighter jets and drones. Cyberspace also must consider AI risks and organizations to deal with new advanced threats and need to be prepared as the AI revolution gains momentum.
The paradox of AI is that if the technology can be used for good, it could also be used for malicious intent, to breach systems, and gain access to vital records. The AI revolution has resulted in the displacement of workers. The risks when workers are displaced include stealing sensitive and proprietary information, exploitation of potential software bugs, and using AI-powered tools to breach systems or orchestrate an AI-powered cyber-attack.
IT security leaders should ensure that the data in the organization is continuously reviewed and classified to ensure those repositories have adequate safeguards to mitigate any risks relating to confidentiality, integrity, or availability of those services. An enterprise systems map should be clearly understood, concerning integrations where AI and other data processing may occur. By conducting a risk assessment on the integrations, organizations can get a better understanding of their integrations' security posture and harden controls where needed.
Phishing attacks are evolving as threat actors began to realize that social engineering is an easier route to achieve their objectives, rather than trying to directly attack the organization's infrastructure. Modern-day AI-based anomaly security features found in most solutions can help organizations mitigate social engineering and phishing attacks through machine learning and AI-based algorithms used in message inspection.
Business leaders should ensure that IT security professionals or any other individuals do not have the "keys to the kingdom", and data masking for such solutions should be configured to protect confidentiality and integrity in most cases. Privileged access must be controlled and monitored with regular reviews to ensure no abuse of access.
AI-powered analysis can simplify and speed up detections or performance issues through the use of an advanced SIEM (Information security event management) and SOAR (Security Orchestration, Automation, and Response). Most cloud platforms are already enabling AI and machine learning-based endpoint security control to be more adaptive when dealing with the corresponding threats. The combination of these solutions could support organizations to get real-time alerts and manage those critical alerts in an automated fashion to neutralize the immediate threat. If the talent pool of professional skill sets exists in-house, consider the option to incorporate your machine learning capabilities to fast-track automation for environments that may be more complex in design. The security operations team should ensure that an effective log for all AI-related systems is maintained for audits and investigations.
Cybersecurity professionals should be continuously trained and updated on the latest AI threats and apply modern-day safeguards in the organization to mitigate risks. Data leakage prevention tools should be finely balanced between performance and security.
Cybersecurity professionals should be continuously trained and updated on the latest AI threats and apply modern-day safeguards in the organization to mitigate risks. Data leakage prevention tools should be finely balanced between performance and security
IT Governance experts typically understand that if the controls are hardened without official business tools, staff may opt for other tools to complete their tasks. Risky AI applications should be prevented from running in high-security environments with the exception mandated by business needs. People have unlimited access to modern AI solutions and IT professionals must be prepared for "script kiddies", who are people that use AI computer-generated scripts to hack subjects.
IT professionals have a huge learning curve in the next few years and the future is promising. AI is certainly the way forward and IT leaders should adopt a carefully thought-out strategy on how to incorporate modern-day solutions to help optimize their organizations.
The quantum computing revolution has been silently on the rise, with the platform available to the public. Google, having claimed quantum supremacy, back in 2019, reported that it took about 200 seconds to complete a task on a quantum computer versus the state-of-the-art classical supercomputer. The state-of-the-art classical supercomputer at that time would take approximately 10,000 years to compute the same output, showcasing the immense computing supremacy of quantum technology using qubits versus classical computing using binary.
The next technology disruption could be the emergence of AI running on quantum computers. AI would be mature enough and in a perfect position to boost its processing power. AI, Quantum computing, robotics, and the metaverse…..well that's for another chapter!
