GDG Cloud Southlake #35: Aravind Iyengar: The Role of AI in Cyber Risk Management

Uploaded by JamesAnderson135, 22 slides, Aug 30, 2024

About This Presentation

The role of AI in cyber risk management

AI has started to permeate all walks of life. Cyber security also has plenty to gain from the advancements in AI, and in this talk we will touch upon the multitude of ways in which AI is empowering security teams in proactive secops and risk management.

Ara...


Slide Content

The Role of AI in Cyber Risk Management
Aravind Iyengar, 8/28/2024
© 2024 Balbix. All rights reserved.

Cyber Risk Management at a crossroads
•Exploding Attack Surface
•Rampant Threats
•Accelerated AI Capabilities

Exploding Attack Surface

The Diverse and Shape-shifting Attack Surface
•Large and diverse inventory
▪Influenced by waves of technologies
▪Novel capabilities or productivity boosts
Asset categories shown: networking systems, end-user compute, web applications, OT / ICS, mobile devices, cloud assets, IoT, AI

Ingredients for a robust Security Practice
•Portfolio of tools for management & monitoring
▪Requires diverse skill sets & practices
▪Creates silos of visibility & islands of knowledge
Tool categories shown: CSPM, ASPM, DevSecOps, IT CMDB, VM (vulnerability management), CNAPP, XDR, EDR, SOAR, SIEM, IPS/IDS, IAM, PAM

The impossibility of Cyber Risk “Management”
•Diverse KPIs
•Disparate languages
Entities that every tool describes in its own vocabulary: risk, assets, software, vulnerabilities, controls, policies

The impossibility of Cyber Risk Management with traditional approaches
Contributing factors: diverse attack surface, portfolio of tools, disparate languages

Rampant Threats

The Vulnerability in identifying Vulnerabilities
•Manual analysis unable to keep up
•No consensus on communication standards
▪CPEs – not enforced as unique identifiers, so one product can appear under several vendor/product spellings
▪CPEs (used by advisory databases) vs. PURLs (used by SBOMs and package ecosystems)
•Increasing reliance on FOSS
▪Significantly compounds this problem
Image credit: https://www.conquer-your-risk.com/
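The identifier problem on this slide, as an added example that is not part of the deck or of Balbix's product: the same library written as two CPE 2.3 strings and as a Package URL, plus the alias table a vulnerability-management pipeline needs before advisory data keyed by CPE can be matched against an SBOM keyed by purl. Both CPE strings, the purl, the alias table and the `acme/widgetlib` entry are constructed for illustration; the CPE 2.3 field layout and the purl `pkg:type/namespace/name@version?qualifiers#subpath` layout follow the respective specifications.

```python
"""
Constructed example: one component written as two CPE 2.3 strings and as a
Package URL (purl), and the alias table needed to match them. The strings
and the alias table are made up for illustration.
"""
import re
from dataclasses import dataclass
from urllib.parse import unquote


@dataclass(frozen=True)
class Component:
    ecosystem: str  # purl type ("maven", "npm", ...) or "cpe" when unresolved
    name: str       # namespace/name, lower-cased
    version: str


def parse_cpe23(cpe: str) -> dict:
    """Split a CPE 2.3 formatted string into its named fields.

    The formatted-string binding separates fields with ':' and escapes a
    literal colon inside a field as '\\:', so split only on unescaped colons.
    """
    parts = re.split(r"(?<!\\):", cpe)
    if len(parts) != 13 or parts[0] != "cpe" or parts[1] != "2.3":
        raise ValueError(f"not a CPE 2.3 formatted string: {cpe!r}")
    keys = ["part", "vendor", "product", "version", "update", "edition",
            "language", "sw_edition", "target_sw", "target_hw", "other"]
    return {k: v.replace("\\:", ":") for k, v in zip(keys, parts[2:])}


def parse_purl(purl: str) -> dict:
    """Parse pkg:type/namespace/name@version?qualifiers#subpath (minimal)."""
    if not purl.startswith("pkg:"):
        raise ValueError(f"not a purl: {purl!r}")
    body = purl[len("pkg:"):].split("#", 1)[0]       # subpath is irrelevant here
    body, _, qualifiers = body.partition("?")
    if "@" in body:
        body, _, version = body.rpartition("@")      # version follows the last '@'
    else:
        version = ""
    segments = [unquote(s) for s in body.strip("/").split("/")]
    return {
        "type": segments[0].lower(),
        "namespace": "/".join(segments[1:-1]),
        "name": segments[-1],
        "version": unquote(version),
        "qualifiers": dict(q.split("=", 1) for q in qualifiers.split("&") if "=" in q),
    }


# Constructed alias table. CPE vendor/product names are chosen by whoever files the
# record and are not enforced as unique identifiers, so the same product can show
# up under more than one (vendor, product) pair; each pair has to be curated to
# the purl coordinates the SBOM uses.
CPE_ALIASES = {
    ("apache", "log4j"): ("maven", "org.apache.logging.log4j/log4j-core"),
    ("apache_software_foundation", "log4j"): ("maven", "org.apache.logging.log4j/log4j-core"),
}


def component_from_cpe(cpe: str) -> Component:
    f = parse_cpe23(cpe)
    alias = CPE_ALIASES.get((f["vendor"].lower(), f["product"].lower()))
    if alias is None:
        # No curated mapping yet: keep the raw CPE coordinates so the gap stays visible.
        return Component("cpe", f"{f['vendor']}/{f['product']}".lower(), f["version"])
    return Component(alias[0], alias[1].lower(), f["version"])


def component_from_purl(purl: str) -> Component:
    p = parse_purl(purl)
    name = f"{p['namespace']}/{p['name']}" if p["namespace"] else p["name"]
    return Component(p["type"], name.lower(), p["version"])


def match_advisories_to_sbom(advisory_cpes, sbom_purls) -> dict:
    """Return {cpe: matching purl or None} by comparing normalised components."""
    inventory = {component_from_purl(u): u for u in sbom_purls}
    return {c: inventory.get(component_from_cpe(c)) for c in advisory_cpes}


# Constructed sample data (not taken from NVD or from a real SBOM).
SBOM_PURLS = ["pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"]
ADVISORY_CPES = [
    "cpe:2.3:a:apache:log4j:2.14.1:*:*:*:*:*:*:*",
    "cpe:2.3:a:apache_software_foundation:log4j:2.14.1:*:*:*:*:*:*:*",
    "cpe:2.3:a:acme:widgetlib:1.0:*:*:*:*:*:*:*",   # no alias curated for this one
]

if __name__ == "__main__":
    for cpe, purl in match_advisories_to_sbom(ADVISORY_CPES, SBOM_PURLS).items():
        print(f"{cpe}\n  -> {purl or 'UNMATCHED (no alias for this CPE vendor/product)'}")
```

The two CPE spellings resolve to the same purl only because the alias table says so; the third advisory stays unmatched, which is the visible form of the gap the slide describes: a new CPE spelling matches nothing until someone curates the alias, and the FOSS dependency tree multiplies how often that happens.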

The Avalanche of Exploits
•Remediation practices are falling behind significantly!
•Meanwhile…
▪Exploit volume is increasing: ~3x more Y-o-Y
▪Time-to-exploit is shrinking: ~14x shorter for critical vulnerabilities
Image credits: Verizon DBIR 2024

The Failure of Prioritization
•CVSS alone is an ineffective prioritization signal
▪>50% of CVEs have scores of 7+
•EPSS / threat indicators are good for threat hunting
▪Not for VM (vulnerability management)
•At ~150 new CVEs / day
▪No option but to prioritize
▪But no way to prioritize!
•And what about all the non-CVE vulnerabilities?!
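The tie this slide complains about, shown on data, as an added example that is not from the deck or from Balbix: one set of findings ordered by CVSS alone and then by a context-aware score. All findings, probabilities, control names and weights are constructed, the issue labels are descriptive placeholders rather than CVE identifiers, and the formula is a toy stand-in for the risk quantification the deck attributes to AI, not a vendor's or a standard's method.

```python
"""
Constructed example: a CVSS-only queue versus a context-aware one. Findings,
probabilities, control names and weights are made up for illustration, and the
scoring formula is an illustrative stand-in, not a vendor's or standard's method.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Finding:
    asset: str
    issue: str                      # descriptive placeholder label, not a CVE id
    cvss: Optional[float]           # None for non-CVE findings (misconfigurations)
    epss: float = 0.0               # modelled 30-day exploitation probability, 0..1
    known_exploited: bool = False   # listed in an exploited-vulnerabilities catalogue
    internet_exposed: bool = False
    asset_criticality: int = 1      # 1 (low) .. 5 (crown jewel)
    mitigations: tuple = ()         # compensating controls already in place


# Assumed base severities for findings that have no CVE and therefore no CVSS score.
NON_CVE_BASE = {"public-object-storage-bucket": 9.0, "mfa-disabled-on-admin-role": 8.5}

# Constructed sample findings.
FINDINGS = [
    Finding("web-01", "rce-in-web-framework", 9.8, epss=0.92, known_exploited=True,
            internet_exposed=True, asset_criticality=4),
    Finding("db-02", "sql-server-privesc", 8.8, epss=0.02, asset_criticality=5,
            mitigations=("network-segmentation",)),
    Finding("laptop-17", "browser-memory-corruption", 8.8, epss=0.45, known_exploited=True,
            asset_criticality=2, mitigations=("edr-agent",)),
    Finding("hr-portal", "xss-in-legacy-portal", 7.5, epss=0.04, internet_exposed=True,
            asset_criticality=3),
    Finding("build-01", "ci-runner-path-traversal", 7.2, epss=0.01, asset_criticality=4),
    Finding("blob-store", "public-object-storage-bucket", None, internet_exposed=True,
            asset_criticality=5),
    Finding("admin-idp", "mfa-disabled-on-admin-role", None, internet_exposed=True,
            asset_criticality=5, mitigations=("conditional-access-policy",)),
]


def share_high_or_critical(findings) -> float:
    """Fraction of CVE-backed findings scored 7.0 or above: the tie CVSS creates."""
    scored = [f for f in findings if f.cvss is not None]
    return sum(f.cvss >= 7.0 for f in scored) / len(scored)


def cvss_only_queue(findings) -> list:
    """Order by CVSS alone; non-CVE findings have no score and sink to the bottom."""
    return [f.issue for f in sorted(findings, reverse=True,
                                    key=lambda f: f.cvss if f.cvss is not None else -1.0)]


def contextual_score(f: Finding) -> float:
    """Illustrative risk score: impact x likelihood x exposure, discounted per control."""
    base = f.cvss if f.cvss is not None else NON_CVE_BASE.get(f.issue, 5.0)
    impact = (base / 10.0) * (f.asset_criticality / 5.0)
    if f.cvss is not None:
        # EPSS supplies the probability; a catalogued exploited vulnerability counts as certain.
        likelihood = 0.1 + 0.9 * (1.0 if f.known_exploited else f.epss)
    else:
        # Assumption: an exposed misconfiguration is very likely to be found, an internal one less so.
        likelihood = 0.8 if f.internet_exposed else 0.3
    exposure = 1.0 if f.internet_exposed else 0.4
    control_discount = 0.5 ** len(f.mitigations)       # each compensating control halves the score
    return round(100.0 * impact * likelihood * exposure * control_discount, 1)


def contextual_queue(findings) -> list:
    """Order by contextual score, highest first; returns (issue, score) pairs."""
    return sorted(((f.issue, contextual_score(f)) for f in findings),
                  key=lambda pair: pair[1], reverse=True)


if __name__ == "__main__":
    print(f"{share_high_or_critical(FINDINGS):.0%} of CVE-backed findings are CVSS 7+")
    print("CVSS-only queue:", cvss_only_queue(FINDINGS))
    print("Context-aware queue:")
    for issue, score in contextual_queue(FINDINGS):
        print(f"  {score:5.1f}  {issue}")
```

With CVSS alone every CVE-backed finding here is 7+ and the two non-CVE findings cannot be placed at all. The contextual ordering puts the exposed, actively exploited RCE and the public bucket at the top and drops the segmented, low-EPSS database host to the bottom despite its 8.8; the weights are arbitrary, but the shape of the result is the point: once exposure, exploitation likelihood and existing controls are in the score, the queue stops being a tie.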

The impossibility of Cyber Risk Management with traditional approaches
Contributing factors: diverse attack surface, portfolio of tools, disparate languages, vulnerability identification, avalanche of exploits, failure of prioritization

Accelerated AI Capabilities

The Journey of AI
•Turing test – 1950
▪Intelligence as equivalent to indistinguishability from humans
•Shannon’s theory of Communication – 1948
▪Information (in language) as a measure of unpredictability (of the next word)
•Revival of the neural networks – 1980s
▪Universal Approximation Theorem
▪“Probably Approximately Correct”

The AI Renaissance
•Supervised learning
•Stepping stones
▪Parallel & distributed compute
▪Larger labeled datasets
•Powerful neural network architectures
▪Deeper than wider – deep learning
▪Long Short-term Memory, Convolutional Neural Networks
▪Transformer & attention
•Limited by availability of labeled data
Image credit: Wikipedia

LLMs: Circling back to where it started
•Language model
▪Predict the next “word”
▪“Self”-supervised!
▪Bigger is better – “large” models
•Arguably passing the Turing test!
•Open-source LLMs closing the gap with closed-source!
Image credit: www.nextbigfuture.com

What can we do with this?
•Make sense of textual data – irrespective of the “language”!
▪Comprehend information from different tools
•Cleanse data – map it to known & well-understood entities
▪Sanitize and normalize information
•Deduplicate and consolidate
▪Corroborate across sources and resolve conflicting information
•Draw inferences to link concepts
▪Deduce with logic and interrelate pieces of information
•Categorize and catalogue
▪Organize and operationalize
•Reason and quantify
▪Prioritize based on subject-matter expertise
•Justify, explain and interact in simple, human language!

The AI Blueprint for Cyber Risk Management
•Cast a wide net with automated AI inferences
▪Immediately operationalize to remediate high-confidence top-risks
•Remove blind spots
▪Plug gaps in visibility and low-confidence data points by adding appropriate tools, particularly where expected to be material
•Spot-check
▪Reserve expert resources for scrutiny in high-impact scenarios
•Maintain & govern
▪Book-keep and drive compliance of policies and SLAs
▪Introspect to ensure requirements are in line with risk tolerance

The possibility of Cyber Risk Management with AI
Bring all data together → Comprehend, sanitize, correlate & deduplicate inventory → Deduce & infer vulnerabilities → Evaluate controls & mitigations → Quantify risk exposure → Prioritize & operationalize
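The first steps of this pipeline (bring data together; comprehend, sanitize, correlate and deduplicate; evaluate controls), which are also what the earlier "What can we do with this?" list and the "Remove blind spots" item describe, as an added example that is not the deck's or Balbix's code: two constructed tool exports in different schemas, a JSON CSPM export using cloud vocabulary and FQDNs and a CSV EDR export using endpoint vocabulary and short hostnames, are mapped to one asset record, deduplicated on a normalized hostname, corroborated across sources and checked for coverage gaps. This is a deterministic stand-in for the comprehension step the deck assigns to an LLM; every field name, hostname, address and OS string is constructed.

```python
"""
Constructed example of the 'bring all data together' steps: two tool exports in
different schemas are mapped to one asset record, deduplicated on a common key,
corroborated across sources and checked for control coverage. All exports,
field names and values are made up; this is a deterministic stand-in for the
normalisation the deck assigns to AI, not a vendor's implementation.
"""
import csv
import io
import json
from dataclasses import dataclass, field

# Constructed CSPM export: JSON, cloud vocabulary, FQDN-style names.
CSPM_EXPORT = json.dumps([
    {"resourceId": "i-0a1b2c", "name": "WEB-01.corp.example.com",
     "privateIp": "10.0.1.20", "publicIp": "203.0.113.10", "os": "Ubuntu 22.04"},
    {"resourceId": "i-0d4e5f", "name": "db-02.corp.example.com",
     "privateIp": "10.0.2.5", "publicIp": None, "os": "Windows Server 2019"},
    {"resourceId": "i-0f6a7b", "name": "batch-09.corp.example.com",
     "privateIp": "10.0.3.7", "publicIp": None, "os": "Ubuntu 20.04"},
])

# Constructed EDR export: CSV, endpoint vocabulary, short hostnames, mixed case.
EDR_EXPORT = """hostname,ip,os_version,agent_version
web-01,10.0.1.20,Ubuntu 22.04.3,7.1.0
DB-02,10.0.2.5,Windows Server 2019,7.1.0
laptop-17,10.9.0.44,Windows 11,7.0.2
"""


@dataclass
class Asset:
    key: str                                  # normalised short hostname
    ips: set = field(default_factory=set)
    os: dict = field(default_factory=dict)    # source -> OS string as that source reported it
    sources: set = field(default_factory=set)
    internet_exposed: bool = False
    edr_agent: bool = False


def normalise_hostname(name: str) -> str:
    """Lower-case and strip the domain so 'WEB-01.corp.example.com' equals 'web-01'."""
    return name.strip().lower().split(".")[0]


def from_cspm(raw: str):
    """Map the CSPM vocabulary onto the common record shape."""
    for r in json.loads(raw):
        yield {"key": normalise_hostname(r["name"]), "ip": r["privateIp"], "os": r["os"],
               "source": "cspm", "internet_exposed": r["publicIp"] is not None,
               "edr_agent": False}


def from_edr(raw: str):
    """Map the EDR vocabulary onto the same record shape; presence implies an agent."""
    for r in csv.DictReader(io.StringIO(raw)):
        yield {"key": normalise_hostname(r["hostname"]), "ip": r["ip"], "os": r["os_version"],
               "source": "edr", "internet_exposed": False, "edr_agent": True}


def consolidate(records) -> dict:
    """Merge records that share a normalised hostname into one Asset each.

    Conflicting values are kept per source rather than overwritten, so a
    disagreement stays visible instead of being resolved by whichever tool came last.
    """
    assets = {}
    for r in records:
        a = assets.setdefault(r["key"], Asset(r["key"]))
        a.ips.add(r["ip"])
        a.os[r["source"]] = r["os"]
        a.sources.add(r["source"])
        a.internet_exposed |= r["internet_exposed"]
        a.edr_agent |= r["edr_agent"]
    return assets


def os_conflicts(asset: Asset) -> bool:
    """True when the sources report different OS strings for the same asset."""
    return len(set(asset.os.values())) > 1


def blind_spots(assets: dict) -> dict:
    """Coverage gaps: a managed host with no endpoint agent, a host only the agent
    knows about, and assets whose sources disagree and need a human or model to reconcile."""
    return {
        "missing_edr_agent": sorted(k for k, a in assets.items()
                                    if "cspm" in a.sources and not a.edr_agent),
        "not_in_inventory": sorted(k for k, a in assets.items() if a.sources == {"edr"}),
        "os_disagreement": sorted(k for k, a in assets.items() if os_conflicts(a)),
    }


def build_inventory() -> dict:
    return consolidate(list(from_cspm(CSPM_EXPORT)) + list(from_edr(EDR_EXPORT)))


if __name__ == "__main__":
    inv = build_inventory()
    for k, a in sorted(inv.items()):
        print(f"{k:10} sources={sorted(a.sources)} ips={sorted(a.ips)} "
              f"exposed={a.internet_exposed} edr={a.edr_agent} os={a.os}")
    print(json.dumps(blind_spots(inv), indent=2))
```

Merging on the normalized hostname collapses five records into four assets: web-01 and db-02 are corroborated by both tools, batch-09 is a managed host with no endpoint agent, laptop-17 is known only to the agent, and the two OS strings for web-01 are kept side by side rather than silently overwritten. Real inventories need more than one join key (IP, cloud resource ID, agent ID) and a tolerance for hosts that rename themselves, which is the part the deck proposes handing to a model.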

At a crossroads…
Ignorance is bliss:
•Stick to manual approaches
•Show the busy work of tackling a small sliver of issues that are not particularly correlated with risk
Knowledge is power:
•Assess all issues with AI automatically
•Show the smart work of tackling all high-risk issues identified, with robust and data-driven justification of assessments

Sign up for a Demo of Balbix today!

Thank you