How Generative AI Will Transform Cybersecurity
robort - 2023-04-28 06:15:06
Microsoft last week announced that, just as it did with .NET years ago, it will be putting generative AI into everything, including security.
Back in the .NET days, I joked that Microsoft was so over the top with .Net that the bathrooms were renamed Men.net and Women.net. Many of those efforts didn’t make a ton of sense. However, given that generative AI impacts most of what Microsoft does (except the bathrooms), it makes more sense for the company to do this now than it did then.
Let’s explore how generative AI will impact security. Then we’ll close with my Product of the Week: the BAC Mono custom-built, street-legal track car.
The Biggest Security Exposure … Is You
We’re often overly excited about all the technology we have to mitigate breaches. But after layer over layer of security software to identify and correct breaches, the one constant is that the most common cause of a breach is a person. Ransomware attacks, identity theft, data theft, and any number of additional problems mostly track back to someone who was tricked into giving out information that was used to do harm.
The industry talks about regular employee training, security drills and audits, and extreme penalties, all of which have had minimal impact on the problem because companies don’t consistently and effectively practice any of them. I include security companies, particularly their executives, in that group, who often seem to think the rules they helped create don’t apply to them.
Back when I was doing security audits (at a company known for security) on a CEO who often bragged he knew more about security than anyone else in my division, I was able to access his most sensitive information that was in a locked safe in 10 minutes. Not by using some super-secret James Bond hacking technology but by looking in his secretary’s drawer where all the keys were stored, which was unlocked.
Human error is the most significant and prevalent cause of some of our most painful security problems, and it has been this way for decades.
HP PC Security Solutions
I’m writing this at HP’s Amplify partner event, where HP just kicked off its security solution. HP’s Wolf Security is arguably the best PC security solution in the market.
HP highlighted that the security business generates $8 trillion in revenue, which is a fraction of the money it protects. Yet all this technology is worthless if you can’t prevent an employee from doing something stupid.
The HP technology includes VMs, BIOs, protection, and some of the most impressive security solutions I’ve seen, but that only addresses someone who accidentally misplaces or loses a PC. It doesn’t deal with an employee who voluntarily or accidentally breaches their own protection.
One exception is HP Sure Click which helps prevent a user from clicking on a link they shouldn’t. Sure Click isolates risky actions in a virtual environment so that the damage doesn’t escape an isolated VM to cause harm. This effort goes a long way. However, while HP does more than most, it still isn’t enough.
BAC Mono Custom-Built, Street-Legal Track Car
Since we are talking about AI this week, two weeks ago, Nvidia held its GTC conference, where I saw Nvidia’s vision of a car that would be created virtually at first and then custom-built to your specific needs and taste.
The BAC Mono car is an early example of how the rest of the car market will evolve. Using advanced workstation tools from HP, BAC has created a process that mirrors what Nvidia spoke about.
I sold my track car some years back, and I miss it. But typically, a track car is some older sports car or hot hatch that you then drive on the track. These cars are designed for day-to-day driving and aren’t ideal for the track — and dedicated track cars require you to trailer them.