5 Ways Generative AI Will Help Increase Cybersecurity's Precision

While every cybersecurity company offers a distinct viewpoint on how generative AI can benefit its clients, their goals align in a common direction. Generative AI introduces a renewed focus on data precision, accuracy, and real-time insights. DevOps, product engineering, and product management teams are rapidly releasing innovative generative AI-based products to leverage the advantages of this technology.

[FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing
A step-by-step guide for securing yourcompany against cyber attacks.

Given that generative AI is a double-edged sword, all manufacturers must provide recommendations for mitigating risks. Several companies, such as Airgap Networks, CrowdStrike, Microsoft Security Copilot, and Zscaler, have incorporated security features into their products.

According to projections, the demand for generative AI-based cybersecurity platforms and solutions is expected to grow significantly between 2022 and 2023, with a compound annual growth rate of 22%. This growth is anticipated to drive the market value up to $11.2 billion by 2032, a substantial increase from $1.6 billion in 2022. Canalys predicts that within the next five years, generative AI solutions will be employed by over 70% of enterprises to bolster their cybersecurity operations.

Generative AI dominates cybersecurity roadmaps and user events.

VentureBeat frequently receives roadmap briefings from cybersecurity vendors, and generative AI has become a key component in five distinct ways. It has solidified its position as a foundational element in developing new platforms, applications, and updates for existing platforms. Recently, Zscaler’s Zenith Live 2023 event provided a glimpse into what to expect this year regarding generative AI products, including those currently in development and those poised for launch.

These cyber security companies have unveiled their generative AI goods and services:

AirGap Networks, recognized as one of the top 20 startups to watch in zero trust, has unveiled its Zero Trust Firewall (ZTFW) product featuring ThreatGPT. This offering exemplifies how DevOps teams are rapidly and comprehensively harnessing the capabilities of generative AI to deliver value to clients and prospects. ThreatGPT utilizes graph databases and GPT-3 models to uncover valuable cybersecurity insights. The inclusion of GPT-3 models allows for evaluating natural language searches and identifying security vulnerabilities, while graph databases provide contextual information on endpoint traffic links.

• Cisco Security Cloud: At the recent CISCO LIVE event, Cisco introduced various generative AI products and services. The company showcased new generative AI functionalities across its Collaboration and Security portfolios, including the Cisco Webex platform’s innovative generative AI-powered summarization features. Additionally, Cisco Security Cloud unveiled new AI capabilities. These advancements aim to streamline policy management processes and accelerate response times to emerging threats.
• CrowdStrike: Known for its extensive AI and machine learning (ML) expertise, it integrates these technologies across every aspect of its product and service portfolio. The company’s ability to harness AI/ML, and now generative AI, has proven instrumental in reducing risks and enhancing precision. CrowdStrike has effectively transformed its XDR framework into a robust growth engine by leveraging these technologies. Moreover, at its 2022 Fal.Con event, the company unveiled several new AI/ML-based solutions. Among these offerings is Charlotte AI, a cutting-edge generative AI security analyzer representing CrowdStrike’s latest innovation in this field.
• ZeroFox has developed FoxGPT, a generative AI-based tool that complements its External Cybersecurity Platform. FoxGPT utilizes advanced algorithms to rapidly analyze and summarize vast datasets, enabling it to identify harmful content, phishing scams, and potential account takeovers. ZeroFox has consistently integrated new machine-learning capabilities into its platform, recognizing the need to keep pace with the rapidly evolving field.

There are five ways generative AI might improve cybersecurity accuracy.

Generative AI has the potential to enhance cybersecurity accuracy in five key ways. It is already making strides in transforming the field by enabling faster anomaly detection compared to existing technologies. Additionally, generative AI can parse logs and swiftly identify abnormal patterns in real time. It also plays a crucial role in incident triaging and response, as well as in reconstructing attack tactics for analysis and prevention. These observations are based on insights gained from interviews with prominent cybersecurity thought leaders, including Ritesh Agrawal, CEO of Airgap Networks; Michael Sentonas, President of CrowdStrike; David Canellos, Senior Vice President of Ericom’s Cybersecurity Business Unit, and numerous others.

1. Real-time risk estimation and assessment

The C-level executives responsible for reporting to the board of directors possess extensive experience in risk management. However, today’s rapidly evolving and sophisticated threats bring new challenges and opportunities for career advancement for CIOs and CISOs.

In today’s landscape, one critical skill set for CIOs and CISOs is the ability to effectively measure cyber risk and prioritize investments, expected returns, and outcomes among competing cybersecurity programs. Recognizing this, leading cybersecurity providers see it as an opportunity to leverage generative AI within their systems and employ model training using the telemetry data they collect daily. An example of this innovation is the introduction of Risk360 by Zscaler, showcasing how generative AI is assisting cybersecurity businesses in pushing the boundaries of innovation.

2. Generative AI will revolutionize detection and response

Detection and response platforms are crucial in gathering and processing real-time telemetry data through open architecture and APIs. To enhance XDR capabilities, vendors are leveraging generative AI to break down data silos, improve latency, and increase accuracy, thus eliminating barriers to effective cyberattack prevention. The vast amount of telemetry data originating from endpoints, email repositories, networks, and web-based applications can now be contextualized with the help of generative AI. Since many XDR solutions rely on a single data lake, they are particularly well-suited for integrating generative AI. Leading XDR vendors in this space include Tehtris, Trend Micro, Palo Alto Networks, Microsoft, CrowdStrike, and Tehtris.

3. Increasing contextual intelligence, self-healing capabilities, and endpoint resilience

Generative AI has shown promising potential in enhancing endpoints’ resilience and self-healing capabilities. By analyzing endpoint data, generative AI algorithms gain a deeper understanding of the context, enabling them to effectively recognize and respond to attack patterns. A self-healing endpoint refers to a system that can autonomously power off, verify the operating system’s and application versions’ integrity, and reset to an improved and secure configuration.
Endpoint data remains a crucial source of innovation in this domain. Integrating generative AI into self-healing endpoint platforms promises to accelerate the velocity and scope of innovation. Notable vendors in this space include Absolute Software, Akamai, BlackBerry, CrowdStrike, Cisco, Ivanti, Malwarebytes, McAfee, and Microsoft 365.

4. enhancing currently used AI-based automatic patch management methods

CISOs often initiate patching as a response to security breaches, compromised mission-critical systems, or unauthorized access credential theft. According to the State of Security Preparedness 2023 Report by Ivanti, patch management is restarted in 61% of external incidents, intrusion attempts, or breaches.
Dr. Srinivas Mukkamala, Chief Product Officer of Ivanti, emphasized to VentureBeat that patching is complex. Even well-equipped IT and security teams struggle to prioritize patches amidst other pressing needs. Organizations need to adopt risk-based patch management solutions and leverage automation to effectively minimize risk without overwhelming workloads to identify, prioritize, and remediate vulnerabilities with minimal manual intervention.

5. cybersecurity and generative AI’s double-edged sword

Interviews conducted by VentureBeat with members of Zscaler’s senior management team and clients, including CIOs and CISOs at Zenith Live 2023, shed light on the dilemma they face: How can generative AI provide significant productivity gains while simultaneously posing the risk of exposing proprietary information and business data to public models like OpenAI’s?

Addressing this concern during the keynote, Zscaler’s Chief Technology Officer, Syam Nair, reassured the audience that the company is committed to protecting customer data and privacy. To achieve this, Zscaler plans to strengthen its ZTX platform, relying on its LLMs (Large Language Models) and incorporating a core of zero trust into the platform. Nair advised the audience on enhancing data security, emphasizing the importance of zero trust in AI applications by stating, “This is where zero trust and the need for zero trust for AI applications comes into being.”

Throughout Zscaler Live 360, the concept of designing with zero trust and prioritizing identity was prominently featured. Zscaler aims to leverage its LLMs’ flexibility and real-time insights to enhance platform-wide zero-trust capabilities.