Alt. GDG Cloud Southlake #35_ Aravind Iyengar_ The Role of AI in Cyber Risk Management Slides ScreenCapture

JamesAnderson135 127 views 26 slides Aug 30, 2024

About This Presentation

The role of AI in cyber risk management

AI has started to permeate all walks of life. Cyber security also has plenty to gain from the advancements in AI, and in this talk we will touch upon the multitude of ways in which AI is empowering security teams in proactive secops and risk management.

Ara...


Slide Content

The Role of AI in Cyber Risk Management

8/28/2024
Aravind Iyengar

Balbix

Cyber Risk Management at a crossroads

Attack Surface

Rampant Threats

Accelerated AI Capabilities

Exploding Attack Surface

The Diverse and Shape-shifting Attack Surface

* Large and diverse inventory
  - Influenced by waves of technologies
  - Novel capabilities or productivity boosts

Ingredients for a robust Security Practice

* Portfolio of tools for management & monitoring
  - Requires diverse skill sets & practices
  - Creates silos of visibility & islands of knowledge

The impossibility of Cyber Risk “Management”

* Diverse KPIs
* Disparate languages

The impossibility of Cyber Risk Management with traditional approaches

Diverse

Portfolio of Tools

Disparate Languages

Rampant Threats

The Vulnerability in identifying Vulnerabilities

* Manual analysis unable to keep up

[Screenshots: NVD Program Announcement; Dark Reading, "NVD Backlog Continues to Grow"]

* No consensus on communication standards
  - CPEs - not enforced as unique identifiers
  - CPEs vs. PURLs
* Increasing reliance on FOSS
  - Significantly compounds this problem

The Avalanche of Exploits

* Remediation practices are falling behind significantly!
* Meanwhile...
  - Exploit volume is increasing
  - ~3x more Y-o-Y
  - Time-to-exploit is shrinking
  - ~14x shorter for critical vulnerabilities

[Chart: CISA KEV. Image credits: Verizon DBIR 2024]

The Failure of Prioritization

* CVSS inefficient
  - >50% of CVEs have 7+ scores
* EPSS / Threat indicators good for threat hunting
  - Not for VM
* At ~150 new CVEs / day
  - No option but to prioritize
  - But no way to prioritize!
* And what about all the non-CVE vulnerabilities?!

The impossibility of Cyber Risk Management with traditional approaches

* Diverse Attack Surface
* Portfolio of Tools
* Disparate Languages
* Failure of Prioritization
* Avalanche of Exploits

Accelerated AI Capabilities

The Journey of AI

* Turing test — 1950
  - Intelligence as equivalent to indistinguishability with humans
* Shannon's theory of Communication — 1948
  - Information (in language) as a measure of unpredictability (of the next word)
* Revival of the neural networks — 1980s
  - Universal Approximation Theorem
  - “Probably Approximately Correct”

The AI Renaissance

* Supervised learning

[Image: Imagenet Large Scale Visual Recognition Challenge 2010 (ILSVRC2010)]

* Stepping stones
  - Parallel & distributed compute
  - Larger labeled datasets
* Powerful neural network architectures
  - Deeper than wider — deep learning
  - Long Short-term Memory, Convolutional Neural Networks
  - Transformer & attention
* Limited by availability of labeled data

Image credit: Wikipedia

LLMs: Circling back to where it started

* Language model
  - Predict the next “word”
  - “Self”-supervised!
  - Bigger is better — “large” models
* Arguably passing the Turing test!
* Open-source LLMs closing the gap with closed-source!

What can we do with this?

* Make sense of textual data — irrespective of the “language”!
  - Comprehend information from different tools
* Cleanse data — map it to known & well-understood entities
  - Sanitize and normalize information
* Deduplicate and consolidate
  - Corroborate across sources and resolve conflicting information
* Draw inferences to link concepts
  - Deduce with logic and interrelate pieces of information
* Categorize and catalogue
  - Organize and operationalize
* Reason and quantify
  - Prioritize based on subject-matter expertise
* Justify, explain and interact in simple, human language!

The AI Blueprint for Cyber Risk Management

* Cast a wide net with automated AI inferences
  - Immediately operationalize to remediate high-confidence top-risks
* Remove blind spots
  - Plug gaps in visibility and low-confidence data points by adding appropriate tools, particularly where expected to be material
* Spot-check
  - Reserve expert resources for scrutiny in high-impact scenarios
* Maintain & govern
  - Book-keep and drive compliance of policies and SLAs
  - Introspect to ensure requirements are in line with risk tolerance

The possibility of Cyber Risk Management with AI

* Bring all data together
* Comprehend, sanitize, correlate & deduplicate inventory
* Deduce & infer vulnerabilities
* Quantify risk exposure
* Prioritize & operationalize

At a crossroads...

* Stick to manual approaches
  - Show the busy work of tackling a small sliver of issues that are not particularly correlated with risk

Ignorance is bliss

* Assess all issues with AI automatically
  - Show the smart work of tackling all high-risk issues identified, with robust and data-driven justification of assessments

Knowledge is power

Sign up for a Demo of Balbix today!