decrypting myths
Is there some form of unfamiliar coercion that is being used that might be a warning sign of malicious purpose ?
Likewise , Generative AI capability can be used for forensic investigation to determine whether particular types of incidents are repeatedly showing up – are they net new or has the organisation seen them before , how are users affected by the activity even though it doesn ’ t yet qualify as an incident , and so on . The time and cost savings this affords security teams is unprecedented .
All these tasks become supremely possible within the natural language processing and Machine Learning models , making behavioural AI adoption for security game changing . In addition to cost of investigation and timely uncovering of attacks , the mean time to recovery and cost of investigation is significantly reduced .
Security awareness is indispensable
Oliver Paterson , Director of Product Management , VIPRE Security Group
hasn ’ t seen before . Because there ’ s no historic data on the employee ’ s behaviour – such as the IP addresses the individual corresponds with , the preferred browser , email IDs used aside from the business email , email traffic patterns , devices used to sign in , writing style in emails , typical formats of attachment and so forth – there ’ s no way for the AI solution to identify and mitigate the threat .
Therefore , training AI systems on combined data from a wide variety of accurate and credible external sources alongside input from niche point solutions , is vital . When AI security systems are trained on the right data , there are thousands of exploits that are catchable by behavioral-driven technology approaches . For instance , it becomes possible to detect and analyse the sentiment and intent of the emails based on historic profiling of individuals .
A word of advice though . Regardless of how advanced technology is , relying purely on solutions is a high-risk strategy . Vigilance on the part of employees is indispensable . Should a breach attempt take place , employees must be equipped with reasonable knowledge to identify a potential threat . A malicious link is a good example . If they have inadvertently acted on the malicious link or a phishing or social engineering attack , they must intuitively know the processes they must follow so that the impact of the breach on the organisation can be immediately mitigated and remedial activity undertaken . There is simply no substitute for this . Neglecting this very important activity could easily turn into an expensive mistake . The view that AI can be ‘ switched on ’ and the technology will magically take care of security is a grave misnomer . u www . intelligentciso . com
69