AI for Adaptive Security
Since launching last November, ChatGPT has become one of the most popular destinations on the internet. An abundance of literature has been produced on how AI technology can be misused by malicious actors to develop malware, create phishing emails, or otherwise participate in nefarious activities. However, there are also many ways the latest artificial intelligence can strengthen security practices, especially through the advancement of adaptive security techniques.
Defining Adaptive Security
One of the earliest references to adaptive security comes from a 2008 presentation by Joel Weise, who at the time was the chief technologist at Sun Microsystems (since acquired by Oracle). At its core, it is a security model that can anticipate and respond to threats before they manifest.
Many existing security systems are already adaptive and able to make intelligent security decisions. For example, EDR uses machine learning to analyze files and determine if code is safe to execute. An adaptive authentication system may increase the number of factors required to authenticate based on login characteristics, and a SIEM will compare activity against a learned baseline before flagging it as anomalous. All these functions are reactive in nature, however, and they lack true, holistic integration to drive decision making across products.
Enter Predictive AI
Predictive AI systems are designed to forecast future events based on modeling of historical data. To increase accuracy, models can be trained with data from numerous sources and even data originating from multiple organizations.
The systems can monitor current activity against statistical trends and correlations which may indicate early signs of a brand new threat, attack, or vulnerability. Intelligence is immediately fed to generative systems, which can find and fix vulnerable code, automate the deployment of necessary countermeasures, and alert security staff.
AI vs AI
It's easy to see that AI is going to become a necessity for effective cyber security programs, especially as AI usage in attack techniques continues to grow. As these become more formidable, frequent, and begin to overwhelm traditional security systems, it will be even more important to deploy effective AI on the defensive.