SlideShare a Scribd company logo

Overview of Artificial Intelligence in Cybersecurity

Download as PPTX, PDF
Olivier Busolini
Olivier Busolini

If you are interested in understsanding a bit more the potential of Artifical Intelligence in Cybersecurity, you might want to have a look at this overview. Written from my CISO -and non AI expert- point of view, for fellow security professional to navigate the AI hype, and (hopefully!) make better, informed decisions :-) All feedback welcome !

1 of 19
Downloaded 510 times
OVERVIEW OF ARTIFICIAL INTELLIGENCE IN CYBERSECURITY Helping CISOs to navigate the AI hype, and make informed decisions Olivier Busolini Geneva, June 2019
© Olivier Busolini WHAT ARE WE TALKING ABOUT ?1 | June 2019 |Overview of AI in Cybersecurity 2
© Olivier Busolini Artificial Imitation Augmented Intelligence | June 2019 |Overview of AI in Cybersecurity 3 Cybersecurity use case sifting through events, correlating them with other events, and presenting analytics for a human analyst to determine the next actions Orchestrate and Automate tasks that humans can perform without a problem to a much larger volume we could ever handle Process and structure huge volumes of data including analysis of the complex relationships within it
© Olivier Busolini Types of ai mostly used | June 2019 |Overview of AI in Cybersecurity 4 Source: Saagie SUPERVISED Classification problems Labelled data to train model Volume, velocity and variety of data UNSUPERVISED Optimisation problems Associate and Cluster "normal" and "abnormal” data without explicit outputs REINFORCEMENT Maximization problems Learning to perform a task by maximizing reward signals about how well it is performing DLP level 1 monitoring Event logs extraction
© Olivier Busolini Careful of the hype  Cloud, Blockchain, and now AI ?  “Cool” products have to have AI Difficulty to develop AI solutions  AI is Math (advanced and new application of Statistics) not software  Rely on the qualifications of people developing the models • Data scientists, often PhDs in Math and Computer Science, sometimes with (pending) pattent • And Cybersecurity experts, with knowledge of CyberThreats and the most appropriate types of defenses  Hiring and retaining is a major challenge • Industry, projects and compensation (incl. equities) are key • Salaries for Data scientists are sky rocking, and not all companies can compete • Start-up are more able to provide equities to top talent but less able to  Develop mature piece of software with this cutting edge technology Have access to big data for training and testing AI software are a quantum leap ? | June 2019 |Overview of AI in Cybersecurity 5
© Olivier Busolini Machine Learning challenges | June 2019 |Overview of AI in Cybersecurity 6 Explainability Understand what DL actually learned Legal challenges Verifiability Verifiability of detections Interpretation of output Data Quality and Bias Not enough or no quality labelled data Data cleanliness issues timestamps, normalization across fields, etc. Bad understanding of the data to engineer meaningful features Knowledge Qualifications of people developing the models Understanding the business, the maths, and IT
© Olivier Busolini AI IN CYBERSECURITY2 | June 2019 |Overview of AI in Cybersecurity 7
© Olivier Busolini  I am still running after more than 20 years in the field  (Sterile ?) race to arms Key flaws of cyber security | June 2019 |Overview of AI in Cybersecurity 8 Defense paradigm based on previous knowledge of attacks  Inefficient against zero-day and variations Promess of AI/ML/DL: Identify attacks as deviations of « normality »
© Olivier Busolini Defensive AI | June 2019 |Overview of AI in Cybersecurity 9 Malware detection Multi layer, multi ML engine defense SOC, IDS/IPS & Honeypots Self learning ML and DL Antispam Vulnerability Mgt Identify and prioritize remediation Data Classification Track data to identify, classify and protect Threat Intelligence Categorize behavior forTI ML to monitor Dark Web
© Olivier Busolini | June 2019 |Overview of AI in Cybersecurity 10 CISO’s loooong shopping list
© Olivier Busolini CISO’s even loooonger shopping list | June 2019 |Overview of AI in Cybersecurity 11 Source: CB Insights  Anti Fraud & Identity Management: secure online transactions by identifying fraudsters, e.g. ML proactively detects fraud in financial transactions or fraudulent users on websites and in mobile  Mobile Security: e.g. identify and grade risky behavior in mobile apps including known and unknown malware, new malware used in targeted attacks, corporate data ex-filtration, and intellectual property exposure, mostly cloud based  Predictive Intelligence: e.g. predictive and preventive security against advanced cyber threats with predictive execution modeling  Behavioral Analytics / Anomaly Detection: detect anomalous behavior from insiders and external threats in organizations’ systems and networks in order detect cyber-attacks, e.g. with digital fingerprints from an end-user’s behavior through monitored keystrokes, mouse behavior, and anomaly detection  Automated Security: e.g. automate security tasks across 100+ security products and weave human analyst activities and workflows together  Cyber-Risk Management: More focus on defining cyber risk appetite and cyber risk tolerance, to better enable business considering the cost of security controls  App Security: securing applications e.g. By helping developers secure applications by finding, fixing, and monitoring web, mobile, and networks against current and future vulnerabilities, with formal analysis and machine learning  IoT Security: e.g. AI-powered asset-protection software for the safety, security, and reliability of the IoT; machine learning to identify hidden recording devices or transmitters in a conference room, and allow for a preemptive response to data theft.  Deception Security: e.g. proactively deceiving and disrupting in progress attacks by detecting and fighting cyber attacks by creating a neural network of thousands of fake computers, devices, and services that act like a fog and work under the supervision of machine learning algorithms.
© Olivier Busolini Offensive AI | June 2019 |Overview of AI in Cybersecurity 12 Malware creation Speed up creation Enhance evasive capabilities Smart botnets Self learning botnets Smarter zombies Spear phishing Smarter social engineering More convincing scams Adversarial AI GAN: discover and poison ML to produce false, and controlled, results Poison datasets Conditional attacks Cyberattacks using Blockchain based smart contracts Classify victims Optimize return on investment of attacks
© Olivier Busolini Adversarial AI | June 2019 |Overview of AI in Cybersecurity 13 Adversarial inputs Artefacts designed to fool Defensive AIs Data poisonig Feed poisoned training data to cybersecurity tools Feedback weaponization Poison ML to DoS AI users with False Alarm Model stealing To enhance abilities of adversarial inputs Source: 2018 DEFCON “AI Village”
© Olivier Busolini An AI risk framework | June 2019 |Overview of AI in Cybersecurity 14 Source: Deloitte. “Managing algorithmic risks - Safeguarding the use of complex algorithms and machine learning”
© Olivier Busolini TAKEAWAYS FOR THE ORDINARY CISO 4 | June 2019 |Overview of AI in Cybersecurity 15
© Olivier Busolini  Asses your threats and risks – are AI based solutions the best answers to some of them ?  What is your current maturity in cybersecurity ? Up to where can you climb the ladder from detective, preventative or even predictive controls? A few points to look at | June 2019 |Overview of AI in Cybersecurity 16 Do you need AI ?  How does it learn ? • Learning ‘on the job’ within the user’s environment or the provider’s ? • What volume of data is required ? How often is retraining needed ?  What's the mechanism for collaboration with human ?  What are the error rates ? • False positive, and false negative • Is the error rate acceptable to achieve detection ? Automatic remediation ? What AI ?  Have you defined AI’s RoI ?  Can it detect, cluster, classify and make predictions that • would not have been possible by humans alone ? (complexity) • reduce the amount of human intervention and analysis required ? (scale) • in a timeframe not achievable by humans only ? (latency) Will you benefit from AI ?
© Olivier Busolini • Stressed and stretched IT security teams look to automation of cybersecurity tasks for relief • Orchestration and integration of existing cybersecurity solutions is also necessary • Scarcity of cybersecurity experts look for support from augmented (AI to support humans) if not autonomous intelligent (AI without humans) to increase efficiency, and be able to meet more complex, massive and time sensitive threats • Human intervention will most probably be required to provide specific expert knowledge or when an action can have severe consequences What conclusion for a CISO ? | June 2019 |Overview of AI in Cybersecurity 17 CISOs need more (and more) efficiency& effectiveness • AI solutions should be fully integrated and consistent with the existing Cybersecurity and IT processes to be efficient • Change management might be required to benefit fully from the expected innovation, quality improvement and cost reduction • AI cybersecurity systems bring new risks. Can we compensate with existing controls or do we need to develop new ones ? Yes, AI is useful for CISOs but, sorry, no silver bullet (yet ?)
© Olivier Busolini AI • Understand skills and training that are going to be necessary • Enable responsible widespread use of training data by defining a framework of interoperable anonymized data • Define a framework to assess and testAI safety AI in cybersecurity • Define an agreed upon AI security risk framework and associated set of AI security controls • AI as a tool • AI as a target • Define a framework to assess use of AI by cybersecurity threat actors • Define a framework to assess and testAI based cybersecurity solutions • Define an implemental maturity model for AI based cybersecurity solutions Further work should focus on | June 2019 |Overview of AI in Cybersecurity 18
© Olivier Busolini Olivier Busolini busolivier@protonmail.com This presentation was created in my personal capacity. The opinions expressed in this document are mine only, and do not necessarily reflect the view of my employer. All right reserved to the author. Additionnal sources Accenture Autonomous Research Cybersecurity intelligence CSO Online Defcon 2018 AI Village Microsoft NIST Raffael Marty Rodney Brooks Thanks to Reto Aeberhardt (EY) Jan Tietze (Cylance) Godefroy Riegler (ICON ONG) David Doret Fabian Gentinetta-Parpan (Vectra) Pierre-Alain Moellic (CEA) Challenge my views with questions ! | June 2019 |Overview of AI in Cybersecurity 19 Icons Flaticon.com
Ad

Recommended

Artificial Intelligence and Cybersecurity
Artificial Intelligence and CybersecurityArtificial Intelligence and Cybersecurity
Artificial Intelligence and Cybersecurity
Olivier Busolini
 
HOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITYHOW AI CAN HELP IN CYBERSECURITY
HOW AI CAN HELP IN CYBERSECURITY
Priyanshu Ratnakar
 
Artificial Intelligence for Cyber Security
Artificial Intelligence for Cyber SecurityArtificial Intelligence for Cyber Security
Artificial Intelligence for Cyber Security
Priyanshu Ratnakar
 
AI and the Impact on Cybersecurity
AI and the Impact on CybersecurityAI and the Impact on Cybersecurity
AI and the Impact on Cybersecurity
Graham Mann
 
Combating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial IntelligenceCombating Cyber Security Using Artificial Intelligence
Combating Cyber Security Using Artificial Intelligence
Inderjeet Singh
 
How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security
Robert Smith
 
AI and ML in Cybersecurity
AI and ML in CybersecurityAI and ML in Cybersecurity
AI and ML in Cybersecurity
Forcepoint LLC
 
Artificial Intelligence in cybersecurity
Artificial Intelligence in cybersecurityArtificial Intelligence in cybersecurity
Artificial Intelligence in cybersecurity
SmartlearningUK
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
Burhan Ahmed
 
“AI techniques in cyber-security applications”. Flammini lnu susec19
“AI techniques in cyber-security applications”. Flammini lnu susec19“AI techniques in cyber-security applications”. Flammini lnu susec19
“AI techniques in cyber-security applications”. Flammini lnu susec19
Francesco Flammini
 
AI in security
AI in securityAI in security
AI in security
Subrat Panda, PhD
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
Harsh Bhanushali
 
AI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for ThoughtAI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for Thought
NUS-ISS
 
Security in the age of Artificial Intelligence
Security in the age of Artificial IntelligenceSecurity in the age of Artificial Intelligence
Security in the age of Artificial Intelligence
Faction XYZ
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AI
DexterJanPineda
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
AbimbolaFisher1
 
Application of Machine Learning in Cybersecurity
Application of Machine Learning in CybersecurityApplication of Machine Learning in Cybersecurity
Application of Machine Learning in Cybersecurity
Pratap Dangeti
 
Machine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Machine Learning & Cyber Security: Detecting Malicious URLs in the HaystackMachine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Machine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Alistair Gillespie
 
Machine Learning in Cyber Security Domain
Machine Learning in Cyber Security Domain Machine Learning in Cyber Security Domain
Machine Learning in Cyber Security Domain
BGA Cyber Security
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber Security
Dr. Umesh Rao.Hodeghatta
 
Practical Applications of Machine Learning in Cybersecurity
Practical Applications of Machine Learning in CybersecurityPractical Applications of Machine Learning in Cybersecurity
Practical Applications of Machine Learning in Cybersecurity
scoopnewsgroup
 
Use of Artificial Intelligence in Cyber Security - Avantika University
Use of Artificial Intelligence in Cyber Security - Avantika UniversityUse of Artificial Intelligence in Cyber Security - Avantika University
Use of Artificial Intelligence in Cyber Security - Avantika University
Avantika University
 
Security Automation and Machine Learning
Security Automation and Machine LearningSecurity Automation and Machine Learning
Security Automation and Machine Learning
Siemplify
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
Piyush Jain
 
The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...
Aladdin Dandis
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
AI for Cyber Security and Adversarial AI
AI for Cyber Security and Adversarial AIAI for Cyber Security and Adversarial AI
AI for Cyber Security and Adversarial AI
ssusere6073a
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
Cognizant
 
Ad

More Related Content

What's hot (20)

Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
Burhan Ahmed
 
“AI techniques in cyber-security applications”. Flammini lnu susec19
“AI techniques in cyber-security applications”. Flammini lnu susec19“AI techniques in cyber-security applications”. Flammini lnu susec19
“AI techniques in cyber-security applications”. Flammini lnu susec19
Francesco Flammini
 
AI in security
AI in securityAI in security
AI in security
Subrat Panda, PhD
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
Harsh Bhanushali
 
AI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for ThoughtAI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for Thought
NUS-ISS
 
Security in the age of Artificial Intelligence
Security in the age of Artificial IntelligenceSecurity in the age of Artificial Intelligence
Security in the age of Artificial Intelligence
Faction XYZ
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AI
DexterJanPineda
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
AbimbolaFisher1
 
Application of Machine Learning in Cybersecurity
Application of Machine Learning in CybersecurityApplication of Machine Learning in Cybersecurity
Application of Machine Learning in Cybersecurity
Pratap Dangeti
 
Machine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Machine Learning & Cyber Security: Detecting Malicious URLs in the HaystackMachine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Machine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Alistair Gillespie
 
Machine Learning in Cyber Security Domain
Machine Learning in Cyber Security Domain Machine Learning in Cyber Security Domain
Machine Learning in Cyber Security Domain
BGA Cyber Security
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber Security
Dr. Umesh Rao.Hodeghatta
 
Practical Applications of Machine Learning in Cybersecurity
Practical Applications of Machine Learning in CybersecurityPractical Applications of Machine Learning in Cybersecurity
Practical Applications of Machine Learning in Cybersecurity
scoopnewsgroup
 
Use of Artificial Intelligence in Cyber Security - Avantika University
Use of Artificial Intelligence in Cyber Security - Avantika UniversityUse of Artificial Intelligence in Cyber Security - Avantika University
Use of Artificial Intelligence in Cyber Security - Avantika University
Avantika University
 
Security Automation and Machine Learning
Security Automation and Machine LearningSecurity Automation and Machine Learning
Security Automation and Machine Learning
Siemplify
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
Piyush Jain
 
The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...
Aladdin Dandis
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 
Cyber security with ai
Cyber security with aiCyber security with ai
Cyber security with ai
Burhan Ahmed
 
“AI techniques in cyber-security applications”. Flammini lnu susec19
“AI techniques in cyber-security applications”. Flammini lnu susec19“AI techniques in cyber-security applications”. Flammini lnu susec19
“AI techniques in cyber-security applications”. Flammini lnu susec19
Francesco Flammini
 
AI in security
AI in securityAI in security
AI in security
Subrat Panda, PhD
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
Harsh Bhanushali
 
AI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for ThoughtAI and Cybersecurity - Food for Thought
AI and Cybersecurity - Food for Thought
NUS-ISS
 
Security in the age of Artificial Intelligence
Security in the age of Artificial IntelligenceSecurity in the age of Artificial Intelligence
Security in the age of Artificial Intelligence
Faction XYZ
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AI
DexterJanPineda
 
Cyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptxCyber Threat Intelligence.pptx
Cyber Threat Intelligence.pptx
AbimbolaFisher1
 
Application of Machine Learning in Cybersecurity
Application of Machine Learning in CybersecurityApplication of Machine Learning in Cybersecurity
Application of Machine Learning in Cybersecurity
Pratap Dangeti
 
Machine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Machine Learning & Cyber Security: Detecting Malicious URLs in the HaystackMachine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Machine Learning & Cyber Security: Detecting Malicious URLs in the Haystack
Alistair Gillespie
 
Machine Learning in Cyber Security Domain
Machine Learning in Cyber Security Domain Machine Learning in Cyber Security Domain
Machine Learning in Cyber Security Domain
BGA Cyber Security
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Application of Machine Learning in Cyber Security
Application of Machine Learning in Cyber SecurityApplication of Machine Learning in Cyber Security
Application of Machine Learning in Cyber Security
Dr. Umesh Rao.Hodeghatta
 
Practical Applications of Machine Learning in Cybersecurity
Practical Applications of Machine Learning in CybersecurityPractical Applications of Machine Learning in Cybersecurity
Practical Applications of Machine Learning in Cybersecurity
scoopnewsgroup
 
Use of Artificial Intelligence in Cyber Security - Avantika University
Use of Artificial Intelligence in Cyber Security - Avantika UniversityUse of Artificial Intelligence in Cyber Security - Avantika University
Use of Artificial Intelligence in Cyber Security - Avantika University
Avantika University
 
Security Automation and Machine Learning
Security Automation and Machine LearningSecurity Automation and Machine Learning
Security Automation and Machine Learning
Siemplify
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
Incident response methodology
Incident response methodologyIncident response methodology
Incident response methodology
Piyush Jain
 
The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...The role of big data, artificial intelligence and machine learning in cyber i...
The role of big data, artificial intelligence and machine learning in cyber i...
Aladdin Dandis
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Stephen Lahanas
 

Similar to Overview of Artificial Intelligence in Cybersecurity (20)

AI for Cyber Security and Adversarial AI
AI for Cyber Security and Adversarial AIAI for Cyber Security and Adversarial AI
AI for Cyber Security and Adversarial AI
ssusere6073a
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
Cognizant
 
Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®
Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®
Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®
United States Cybersecurity Institute (USCSI®)
 
Artificial Intelligence.pptx
Artificial Intelligence.pptxArtificial Intelligence.pptx
Artificial Intelligence.pptx
KantaShakkarwal
 
Security Trend Report, 2017
Security Trend Report, 2017Security Trend Report, 2017
Security Trend Report, 2017
Bill Chamberlin
 
Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®
Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®
Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®
United States Cybersecurity Institute (USCSI®)
 
Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...
Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...
Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...
Austin Joy
 
Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...
Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...
Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...
AgileNetwork
 
Cloud Security Services: Protect Data with Cutting-Edge Solutions
Cloud Security Services: Protect Data with Cutting-Edge SolutionsCloud Security Services: Protect Data with Cutting-Edge Solutions
Cloud Security Services: Protect Data with Cutting-Edge Solutions
privaxic
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
Iqra khalil
 
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!Cyber Immunity Unleashed: Explore the Future with iTech Magazine!
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!
DIGITALCONFEX
 
BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023
CBIZ, Inc.
 
AI Safety in Parliaments: Latest Standards and Compliance Challenges
AI Safety in Parliaments: Latest Standards and Compliance ChallengesAI Safety in Parliaments: Latest Standards and Compliance Challenges
AI Safety in Parliaments: Latest Standards and Compliance Challenges
Dr. Fotios Fitsilis
 
AI Cybersecurity Threats 2024 Dark Side of Technology.pdf
AI Cybersecurity Threats 2024 Dark Side of Technology.pdfAI Cybersecurity Threats 2024 Dark Side of Technology.pdf
AI Cybersecurity Threats 2024 Dark Side of Technology.pdf
BORNSEC CONSULTING
 
Role of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdfRole of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdf
imoliviabennett
 
Artificial Intelligence in Cybersecurity
Artificial Intelligence in CybersecurityArtificial Intelligence in Cybersecurity
Artificial Intelligence in Cybersecurity
drawais8
 
Role of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdfRole of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdf
SoluLab1231
 
Cybersecurity 2024 - Alberto Boaventura v2.0.pdf
Cybersecurity 2024 - Alberto Boaventura v2.0.pdfCybersecurity 2024 - Alberto Boaventura v2.0.pdf
Cybersecurity 2024 - Alberto Boaventura v2.0.pdf
Alberto Boaventura
 
A Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdf
A Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdfA Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdf
A Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdf
DataSpace Academy
 
AI & Cybersecurity: Strengthening Business Security in 2025
AI & Cybersecurity: Strengthening Business Security in 2025AI & Cybersecurity: Strengthening Business Security in 2025
AI & Cybersecurity: Strengthening Business Security in 2025
privaxic
 
AI for Cyber Security and Adversarial AI
AI for Cyber Security and Adversarial AIAI for Cyber Security and Adversarial AI
AI for Cyber Security and Adversarial AI
ssusere6073a
 
The Security Challenge: What's Next?
The Security Challenge: What's Next?The Security Challenge: What's Next?
The Security Challenge: What's Next?
Cognizant
 
Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®
Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®
Role of Generative AI in Strengthening Cybersecurity Measures | USCSI®
United States Cybersecurity Institute (USCSI®)
 
Artificial Intelligence.pptx
Artificial Intelligence.pptxArtificial Intelligence.pptx
Artificial Intelligence.pptx
KantaShakkarwal
 
Security Trend Report, 2017
Security Trend Report, 2017Security Trend Report, 2017
Security Trend Report, 2017
Bill Chamberlin
 
Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®
Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®
Is Agentic AI a Threat to Cybersecurity of Business Enterprises? | USCSI®
United States Cybersecurity Institute (USCSI®)
 
Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...
Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...
Generative AI Cybersecurity Solutions Shaping the Future of Cyber Protection ...
Austin Joy
 
Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...
Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...
Agile Gurugram 30-31Aug 2024 | Unleashing the Impact of Generative AI, Data, ...
AgileNetwork
 
Cloud Security Services: Protect Data with Cutting-Edge Solutions
Cloud Security Services: Protect Data with Cutting-Edge SolutionsCloud Security Services: Protect Data with Cutting-Edge Solutions
Cloud Security Services: Protect Data with Cutting-Edge Solutions
privaxic
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
Iqra khalil
 
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!Cyber Immunity Unleashed: Explore the Future with iTech Magazine!
Cyber Immunity Unleashed: Explore the Future with iTech Magazine!
DIGITALCONFEX
 
BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023BIZGrowth Strategies — Cybersecurity Special Edition 2023
BIZGrowth Strategies — Cybersecurity Special Edition 2023
CBIZ, Inc.
 
AI Safety in Parliaments: Latest Standards and Compliance Challenges
AI Safety in Parliaments: Latest Standards and Compliance ChallengesAI Safety in Parliaments: Latest Standards and Compliance Challenges
AI Safety in Parliaments: Latest Standards and Compliance Challenges
Dr. Fotios Fitsilis
 
AI Cybersecurity Threats 2024 Dark Side of Technology.pdf
AI Cybersecurity Threats 2024 Dark Side of Technology.pdfAI Cybersecurity Threats 2024 Dark Side of Technology.pdf
AI Cybersecurity Threats 2024 Dark Side of Technology.pdf
BORNSEC CONSULTING
 
Role of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdfRole of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdf
imoliviabennett
 
Artificial Intelligence in Cybersecurity
Artificial Intelligence in CybersecurityArtificial Intelligence in Cybersecurity
Artificial Intelligence in Cybersecurity
drawais8
 
Role of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdfRole of Generative AI in Cybersecurity.pdf
Role of Generative AI in Cybersecurity.pdf
SoluLab1231
 
Cybersecurity 2024 - Alberto Boaventura v2.0.pdf
Cybersecurity 2024 - Alberto Boaventura v2.0.pdfCybersecurity 2024 - Alberto Boaventura v2.0.pdf
Cybersecurity 2024 - Alberto Boaventura v2.0.pdf
Alberto Boaventura
 
A Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdf
A Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdfA Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdf
A Deep Dive Into The Growing Use Of Generative AI In Cyber Security.pdf
DataSpace Academy
 
AI & Cybersecurity: Strengthening Business Security in 2025
AI & Cybersecurity: Strengthening Business Security in 2025AI & Cybersecurity: Strengthening Business Security in 2025
AI & Cybersecurity: Strengthening Business Security in 2025
privaxic
 
Ad

Recently uploaded (20)

AI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global TrendsAI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global Trends
InData Labs
 
Big Data Analytics Quick Research Guide by Arthur Morgan
Big Data Analytics Quick Research Guide by Arthur MorganBig Data Analytics Quick Research Guide by Arthur Morgan
Big Data Analytics Quick Research Guide by Arthur Morgan
Arthur Morgan
 
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdfSAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
Precisely
 
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven InsightsAndrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
Semantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AISemantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AI
artmondano
 
Mastering Advance Window Functions in SQL.pdf
Mastering Advance Window Functions in SQL.pdfMastering Advance Window Functions in SQL.pdf
Mastering Advance Window Functions in SQL.pdf
Spiral Mantra
 
Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.
hpbmnnxrvb
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Build Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For DevsBuild Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For Devs
Brian McKeiver
 
TrsLabs Consultants - DeFi, WEb3, Token Listing
TrsLabs Consultants - DeFi, WEb3, Token ListingTrsLabs Consultants - DeFi, WEb3, Token Listing
TrsLabs Consultants - DeFi, WEb3, Token Listing
Trs Labs
 
Unlocking the Power of IVR: A Comprehensive Guide
Unlocking the Power of IVR: A Comprehensive GuideUnlocking the Power of IVR: A Comprehensive Guide
Unlocking the Power of IVR: A Comprehensive Guide
vikasascentbpo
 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
 
Cyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of securityCyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of security
riccardosl1
 
Vaibhav Gupta BAML: AI work flows without Hallucinations
Vaibhav Gupta BAML: AI work flows without HallucinationsVaibhav Gupta BAML: AI work flows without Hallucinations
Vaibhav Gupta BAML: AI work flows without Hallucinations
john409870
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Social Media App Development Company-EmizenTech
Social Media App Development Company-EmizenTechSocial Media App Development Company-EmizenTech
Social Media App Development Company-EmizenTech
Steve Jonas
 
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc
 
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptxSpecial Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
shyamraj55
 
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-UmgebungenHCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
panagenda
 
AI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global TrendsAI and Data Privacy in 2025: Global Trends
AI and Data Privacy in 2025: Global Trends
InData Labs
 
Big Data Analytics Quick Research Guide by Arthur Morgan
Big Data Analytics Quick Research Guide by Arthur MorganBig Data Analytics Quick Research Guide by Arthur Morgan
Big Data Analytics Quick Research Guide by Arthur Morgan
Arthur Morgan
 
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdfSAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
SAP Modernization: Maximizing the Value of Your SAP S/4HANA Migration.pdf
Precisely
 
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven InsightsAndrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell: Transforming Business Strategy Through Data-Driven Insights
Andrew Marnell
 
Semantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AISemantic Cultivators : The Critical Future Role to Enable AI
Semantic Cultivators : The Critical Future Role to Enable AI
artmondano
 
Mastering Advance Window Functions in SQL.pdf
Mastering Advance Window Functions in SQL.pdfMastering Advance Window Functions in SQL.pdf
Mastering Advance Window Functions in SQL.pdf
Spiral Mantra
 
Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.Greenhouse_Monitoring_Presentation.pptx.
Greenhouse_Monitoring_Presentation.pptx.
hpbmnnxrvb
 
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
IEDM 2024 Tutorial2_Advances in CMOS Technologies and Future Directions for C...
organizerofv
 
Build Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For DevsBuild Your Own Copilot & Agents For Devs
Build Your Own Copilot & Agents For Devs
Brian McKeiver
 
TrsLabs Consultants - DeFi, WEb3, Token Listing
TrsLabs Consultants - DeFi, WEb3, Token ListingTrsLabs Consultants - DeFi, WEb3, Token Listing
TrsLabs Consultants - DeFi, WEb3, Token Listing
Trs Labs
 
Unlocking the Power of IVR: A Comprehensive Guide
Unlocking the Power of IVR: A Comprehensive GuideUnlocking the Power of IVR: A Comprehensive Guide
Unlocking the Power of IVR: A Comprehensive Guide
vikasascentbpo
 
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul Shares 5 Steps to Implement AI Agents for Maximum Business Efficien...
Noah Loul
 
Cyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of securityCyber Awareness overview for 2025 month of security
Cyber Awareness overview for 2025 month of security
riccardosl1
 
Vaibhav Gupta BAML: AI work flows without Hallucinations
Vaibhav Gupta BAML: AI work flows without HallucinationsVaibhav Gupta BAML: AI work flows without Hallucinations
Vaibhav Gupta BAML: AI work flows without Hallucinations
john409870
 
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptxIncreasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Increasing Retail Store Efficiency How can Planograms Save Time and Money.pptx
Anoop Ashok
 
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Massive Power Outage Hits Spain, Portugal, and France: Causes, Impact, and On...
Aqusag Technologies
 
Social Media App Development Company-EmizenTech
Social Media App Development Company-EmizenTechSocial Media App Development Company-EmizenTech
Social Media App Development Company-EmizenTech
Steve Jonas
 
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc Webinar: Consumer Expectations vs Corporate Realities on Data Broker...
TrustArc
 
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptxSpecial Meetup Edition - TDX Bengaluru Meetup #52.pptx
Special Meetup Edition - TDX Bengaluru Meetup #52.pptx
shyamraj55
 
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-UmgebungenHCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
HCL Nomad Web – Best Practices und Verwaltung von Multiuser-Umgebungen
panagenda
 
Ad

Overview of Artificial Intelligence in Cybersecurity

  • 1. OVERVIEW OF ARTIFICIAL INTELLIGENCE IN CYBERSECURITY Helping CISOs to navigate the AI hype, and make informed decisions Olivier Busolini Geneva, June 2019
  • 2. © Olivier Busolini WHAT ARE WE TALKING ABOUT ?1 | June 2019 |Overview of AI in Cybersecurity 2
  • 3. © Olivier Busolini Artificial Imitation Augmented Intelligence | June 2019 |Overview of AI in Cybersecurity 3 Cybersecurity use case sifting through events, correlating them with other events, and presenting analytics for a human analyst to determine the next actions Orchestrate and Automate tasks that humans can perform without a problem to a much larger volume we could ever handle Process and structure huge volumes of data including analysis of the complex relationships within it
  • 4. © Olivier Busolini Types of ai mostly used | June 2019 |Overview of AI in Cybersecurity 4 Source: Saagie SUPERVISED Classification problems Labelled data to train model Volume, velocity and variety of data UNSUPERVISED Optimisation problems Associate and Cluster "normal" and "abnormal” data without explicit outputs REINFORCEMENT Maximization problems Learning to perform a task by maximizing reward signals about how well it is performing DLP level 1 monitoring Event logs extraction
  • 5. © Olivier Busolini Careful of the hype  Cloud, Blockchain, and now AI ?  “Cool” products have to have AI Difficulty to develop AI solutions  AI is Math (advanced and new application of Statistics) not software  Rely on the qualifications of people developing the models • Data scientists, often PhDs in Math and Computer Science, sometimes with (pending) pattent • And Cybersecurity experts, with knowledge of CyberThreats and the most appropriate types of defenses  Hiring and retaining is a major challenge • Industry, projects and compensation (incl. equities) are key • Salaries for Data scientists are sky rocking, and not all companies can compete • Start-up are more able to provide equities to top talent but less able to  Develop mature piece of software with this cutting edge technology Have access to big data for training and testing AI software are a quantum leap ? | June 2019 |Overview of AI in Cybersecurity 5
  • 6. © Olivier Busolini Machine Learning challenges | June 2019 |Overview of AI in Cybersecurity 6 Explainability Understand what DL actually learned Legal challenges Verifiability Verifiability of detections Interpretation of output Data Quality and Bias Not enough or no quality labelled data Data cleanliness issues timestamps, normalization across fields, etc. Bad understanding of the data to engineer meaningful features Knowledge Qualifications of people developing the models Understanding the business, the maths, and IT
  • 7. © Olivier Busolini AI IN CYBERSECURITY2 | June 2019 |Overview of AI in Cybersecurity 7
  • 8. © Olivier Busolini  I am still running after more than 20 years in the field  (Sterile ?) race to arms Key flaws of cyber security | June 2019 |Overview of AI in Cybersecurity 8 Defense paradigm based on previous knowledge of attacks  Inefficient against zero-day and variations Promess of AI/ML/DL: Identify attacks as deviations of « normality »
  • 9. © Olivier Busolini Defensive AI | June 2019 |Overview of AI in Cybersecurity 9 Malware detection Multi layer, multi ML engine defense SOC, IDS/IPS & Honeypots Self learning ML and DL Antispam Vulnerability Mgt Identify and prioritize remediation Data Classification Track data to identify, classify and protect Threat Intelligence Categorize behavior forTI ML to monitor Dark Web
  • 10. © Olivier Busolini | June 2019 |Overview of AI in Cybersecurity 10 CISO’s loooong shopping list
  • 11. © Olivier Busolini CISO’s even loooonger shopping list | June 2019 |Overview of AI in Cybersecurity 11 Source: CB Insights  Anti Fraud & Identity Management: secure online transactions by identifying fraudsters, e.g. ML proactively detects fraud in financial transactions or fraudulent users on websites and in mobile  Mobile Security: e.g. identify and grade risky behavior in mobile apps including known and unknown malware, new malware used in targeted attacks, corporate data ex-filtration, and intellectual property exposure, mostly cloud based  Predictive Intelligence: e.g. predictive and preventive security against advanced cyber threats with predictive execution modeling  Behavioral Analytics / Anomaly Detection: detect anomalous behavior from insiders and external threats in organizations’ systems and networks in order detect cyber-attacks, e.g. with digital fingerprints from an end-user’s behavior through monitored keystrokes, mouse behavior, and anomaly detection  Automated Security: e.g. automate security tasks across 100+ security products and weave human analyst activities and workflows together  Cyber-Risk Management: More focus on defining cyber risk appetite and cyber risk tolerance, to better enable business considering the cost of security controls  App Security: securing applications e.g. By helping developers secure applications by finding, fixing, and monitoring web, mobile, and networks against current and future vulnerabilities, with formal analysis and machine learning  IoT Security: e.g. AI-powered asset-protection software for the safety, security, and reliability of the IoT; machine learning to identify hidden recording devices or transmitters in a conference room, and allow for a preemptive response to data theft.  Deception Security: e.g. proactively deceiving and disrupting in progress attacks by detecting and fighting cyber attacks by creating a neural network of thousands of fake computers, devices, and services that act like a fog and work under the supervision of machine learning algorithms.
  • 12. © Olivier Busolini Offensive AI | June 2019 |Overview of AI in Cybersecurity 12 Malware creation Speed up creation Enhance evasive capabilities Smart botnets Self learning botnets Smarter zombies Spear phishing Smarter social engineering More convincing scams Adversarial AI GAN: discover and poison ML to produce false, and controlled, results Poison datasets Conditional attacks Cyberattacks using Blockchain based smart contracts Classify victims Optimize return on investment of attacks
  • 13. © Olivier Busolini Adversarial AI | June 2019 |Overview of AI in Cybersecurity 13 Adversarial inputs Artefacts designed to fool Defensive AIs Data poisonig Feed poisoned training data to cybersecurity tools Feedback weaponization Poison ML to DoS AI users with False Alarm Model stealing To enhance abilities of adversarial inputs Source: 2018 DEFCON “AI Village”
  • 14. © Olivier Busolini An AI risk framework | June 2019 |Overview of AI in Cybersecurity 14 Source: Deloitte. “Managing algorithmic risks - Safeguarding the use of complex algorithms and machine learning”
  • 15. © Olivier Busolini TAKEAWAYS FOR THE ORDINARY CISO 4 | June 2019 |Overview of AI in Cybersecurity 15
  • 16. © Olivier Busolini  Asses your threats and risks – are AI based solutions the best answers to some of them ?  What is your current maturity in cybersecurity ? Up to where can you climb the ladder from detective, preventative or even predictive controls? A few points to look at | June 2019 |Overview of AI in Cybersecurity 16 Do you need AI ?  How does it learn ? • Learning ‘on the job’ within the user’s environment or the provider’s ? • What volume of data is required ? How often is retraining needed ?  What's the mechanism for collaboration with human ?  What are the error rates ? • False positive, and false negative • Is the error rate acceptable to achieve detection ? Automatic remediation ? What AI ?  Have you defined AI’s RoI ?  Can it detect, cluster, classify and make predictions that • would not have been possible by humans alone ? (complexity) • reduce the amount of human intervention and analysis required ? (scale) • in a timeframe not achievable by humans only ? (latency) Will you benefit from AI ?
  • 17. © Olivier Busolini • Stressed and stretched IT security teams look to automation of cybersecurity tasks for relief • Orchestration and integration of existing cybersecurity solutions is also necessary • Scarcity of cybersecurity experts look for support from augmented (AI to support humans) if not autonomous intelligent (AI without humans) to increase efficiency, and be able to meet more complex, massive and time sensitive threats • Human intervention will most probably be required to provide specific expert knowledge or when an action can have severe consequences What conclusion for a CISO ? | June 2019 |Overview of AI in Cybersecurity 17 CISOs need more (and more) efficiency& effectiveness • AI solutions should be fully integrated and consistent with the existing Cybersecurity and IT processes to be efficient • Change management might be required to benefit fully from the expected innovation, quality improvement and cost reduction • AI cybersecurity systems bring new risks. Can we compensate with existing controls or do we need to develop new ones ? Yes, AI is useful for CISOs but, sorry, no silver bullet (yet ?)
  • 18. © Olivier Busolini AI • Understand skills and training that are going to be necessary • Enable responsible widespread use of training data by defining a framework of interoperable anonymized data • Define a framework to assess and testAI safety AI in cybersecurity • Define an agreed upon AI security risk framework and associated set of AI security controls • AI as a tool • AI as a target • Define a framework to assess use of AI by cybersecurity threat actors • Define a framework to assess and testAI based cybersecurity solutions • Define an implemental maturity model for AI based cybersecurity solutions Further work should focus on | June 2019 |Overview of AI in Cybersecurity 18
  • 19. © Olivier Busolini Olivier Busolini [email protected] This presentation was created in my personal capacity. The opinions expressed in this document are mine only, and do not necessarily reflect the view of my employer. All right reserved to the author. Additionnal sources Accenture Autonomous Research Cybersecurity intelligence CSO Online Defcon 2018 AI Village Microsoft NIST Raffael Marty Rodney Brooks Thanks to Reto Aeberhardt (EY) Jan Tietze (Cylance) Godefroy Riegler (ICON ONG) David Doret Fabian Gentinetta-Parpan (Vectra) Pierre-Alain Moellic (CEA) Challenge my views with questions ! | June 2019 |Overview of AI in Cybersecurity 19 Icons Flaticon.com

Editor's Notes

  • #10: Malware creation: Customized undetectable malware using Elon Musk's OpenAI (2017 Defcon) Extension on polymorphic malware: modify code on the fly based on how and what has been detected in the environment Smart botnets Self learning botnets: actions based on local intelligence and exchanges between botnets Smarter zombies: act without the botnet C&C instructions Advanced spear phishing: text-to-speech, speech recognition, and natural language processing (NLP) for smarter social engineering Train on genuine emails and make convincing scams “Automated End2End spear phishing on Twitter”: success rate varying between 30 and 60 % (Black Hat USA 2016) Counter threat intelligence DDoS TI: raising the noise floor generates a lot of false positives to common machine learning models -> once a target recalibrates its system to filter out the false alarms, the attacker can launch a real attack that can get by the defensive ML Unauthorised access: Breaking current CAPTCHA (98% success) Poisoning machine learning engines 2017: convolutional neural networks (CNNs) attacked to produce false (but controlled) results through CNNs like Google, Microsoft, and AWS Using AI to classify victims and optimize RoI Condition based Cyberattacks e.g. Cyberattacks using Blockchain based smart contracts
  • #13: Generative adversarial networks, or GANs, which pitch two neural networks against one another, can be used to try to guess what algorithms defenders are using in their AI models. Another risk is that hackers will target data sets used to train models and poison them—for instance, by switching labels on samples of malicious code to indicate that they are safe rather than suspect. Malware creation: Customized undetectable malware using Elon Musk's OpenAI (2017 Defcon) Extension on polymorphic malware: modify code on the fly based on how and what has been detected in the environment Smart botnets Self learning botnets: actions based on local intelligence and exchanges between botnets Smarter zombies: act without the botnet C&C instructions Advanced spear phishing: text-to-speech, speech recognition, and natural language processing (NLP) for smarter social engineering Train on genuine emails and make convincing scams “Automated End2End spear phishing on Twitter”: success rate varying between 30 and 60 % (Black Hat USA 2016) Counter threat intelligence DDoS TI: raising the noise floor generates a lot of false positives to common machine learning models -> once a target recalibrates its system to filter out the false alarms, the attacker can launch a real attack that can get by the defensive ML Unauthorised access: Breaking current CAPTCHA (98% success) Poisoning machine learning engines 2017: convolutional neural networks (CNNs) attacked to produce false (but controlled) results through CNNs like Google, Microsoft, and AWS Using AI to classify victims and optimize RoI Condition based Cyberattacks e.g. Cyberattacks using Blockchain based smart contracts
  • #14: Adversarial inputs — big data inputs developed to be reliably misclassified by AI technologies to allow threat actors to evade detection. This category includes malicious documents and attachments designed to evade spam filters or antivirus technologies. Data poisoning — the method of feeding “poisoned” training data to cybersecurity tools. Poisoning attacks can occur when data is fed to a classifier to skew the machine learning model’s ability to distinguish adverse events from normal events. Feedback weaponization — a method of data poisoning that tricks a machine learning model into generating an enormous volume of false positives to create excessive noise in the SOC and evade detection. Model stealing — an attack that incorporates techniques used to create a duplicate of a machine learning model or steal model training data. This methodology can be used to steal AI models used to classify incidents, events and malicious content. Stealing models enables bad actors to develop sophisticated, highly targeted attacks against cybersecurity AI.