Jeanne Malone, head of GDT’s security practice and an industry veteran, works with her team to help customers worldwide advance their cybersecurity posture. One of the biggest cybersecurity game-changers is artificial intelligence (AI). We asked Jeanne to weigh in on leveraging AI and machine learning in cybersecurity to improve intrusion detection, streamline security operations, and lower risk.
How can security organizations leverage AI and machine learning in cybersecurity to stay ahead of bad actors?
Jeanne: There’s so much hope for AI and machine learning in cybersecurity because they can automate and streamline a lot of things, like threat detection and prioritization, incident analysis and reporting, and even response.
For example, AI and machine learning can detect threats in the early stages by quickly analyzing files and network traffic to identify potential vulnerabilities early on and alert teams so they can take preventative measures. AI and machine learning can help organizations identify their gaps and understand new threat vectors.
How have AI and machine learning evolved the threat landscape?
Jeanne: Another reason that security organizations need to embrace AI and machine learning is that the bad guys are also using these technologies. Cybercrime is big business and cybercriminals are employing increasingly sophisticated methods that use AI and machine learning to automate and streamline their activities.
They’re using generative AI to mass-produce phishing emails and malicious code. They’re using AI and machine learning algorithms to identify targets and tailor attacks. They’re mimicking legitimate user behavior to avoid detection and crack passwords. The list goes on.
How have AI and machine learning evolved intrusion prevention?
Jeanne: When we dive into the realm of intrusion prevention, AI and machine learning have really upped the game. Traditional intrusion detection relies on static, predefined rules to analyze network traffic. Today’s AI-powered systems use machine learning to create detection algorithms on the fly in response to real-time traffic patterns.
Machine learning—and more specifically, deep neural networks (DNNs)—learns from vast datasets to establish baselines for normal behaviors so that when deviations occur, they’re detected right away. This powerful capability can quickly spot unusual network activity and unauthorized access. It can also detect complex attack patterns more readily than humans, as well as new and evolving malicious software strains. DNNs can even predict denial of service attacks, fraud, and other anomalies to surface early warnings.
What are some trends you are seeing across breach protection and cybersecurity services?
Jeanne: One of the biggest trends we’re seeing is turning to IT solution providers that already have deep cybersecurity expertise—not just for consulting and implementation but also for operational support.
With the constantly evolving cybersecurity landscape, the thousands of cybersecurity tools on the market, and the lack of tools integration, many companies are simply overwhelmed. They struggle with where to start when it comes to AI and machine learning in cybersecurity and how to shore up their security posture. Many organizations are finding it easier, safer, and more cost-effective to outsource part or most of their security operations to a cybersecurity expert.
In fact, this is one of the reasons that GDT partners with some of the best OEMs in the business to streamline cybersecurity operations, accelerate threat detections, prioritize responses, and block threats across their organizations. Depending upon our customers’ needs, GDT can provide services like implementation, optimization, custom integration, and even managed detection, response, and SOC as a service.
What’s the first step organizations should take to get started with AI and machine learning in cybersecurity?
Jeanne: I always recommend that customers work with a cybersecurity expert to conduct a thorough assessment of their cybersecurity posture so that they understand their strengths, weaknesses, and potential security gaps. That’s why we offer a half-day Cybersecurity Health Check Workshop, which gives customers a realistic view of their security program maturity and outlines next steps to help them mitigate gaps and issues and strengthen their posture.
I’ve found it to be an extremely effective tool that helps customers understand what they need to do next. Once they have that knowledge, they can determine which tools to use and how AI and machine learning can help them meet their needs.