Artificial Intelligence & Machine Learning , Events , Finance & Banking
Outsmarting Adversaries: Using AI for Security
Bugcrowd Founder Casey Ellis on the Challenges of Integrating AI Into SecuritySince the advent of generative AI, hackers have used it to enhance the efficiency and effectiveness of malicious activities. Although the concept of fully autonomous, AI-driven internet exploitation is not yet a reality, there are clear indications that progress is being made, particularly in cyberattacks such as spear-phishing and social engineering, said Casey Ellis, founder and chief strategy officer, Bugcrowd.
See Also: How Overreliance on EDR is Failing Healthcare Providers
While bias has been a prominent topic in AI discussions, it is only one aspect of the broader AI security challenge. The larger concern lies in the potential threats posed by AI, specifically in terms of the integration points between AI and existing organizational processes. The rapid pace at which organizations are adopting AI technologies has often led to oversights in considering these integration points and the associated risks, Ellis said.
"In terms of what the bad guys are doing, there has been a strong trend toward exploitation of known issues. Nation-state actors have historically been focused on stealth. Now they are attacking across a wide base of targets opportunistically," he said. "On the defender side, speed is the natural enemy of security, and there's a lot of pressure on deploying AI quickly."
In this video interview with Information Security Media Group at RSA Conference 2024, Ellis also discussed:
- Areas in AI safety and security that CIOs and CISOs overlook;
- The demand for AI developers and vendors to identify potential biases and vulnerabilities for transparency;
- The perception that AI is extensively used by adversaries.
Ellis is a 20-year veteran of information security, servicing clients ranging from startups to multinational corporations as a pen tester, security and risk consultant, solutions architect and most recently as a career entrepreneur.