In an insightful conversation, Chris Fisher, Director of Security Engineering at Vectra AI for Asia Pacific and Japan, delves into the complex and rapidly evolving cybersecurity landscape, particularly in the context of the burgeoning field of artificial intelligence. Vectra AI, a company with over a decade of experience in AI-driven cybersecurity, stands at the cutting edge of this dynamic sector.
Tracing the genesis of Vectra AI, Fisher reminisces, "A decade ago, security operation centres faced a deluge of alerts from traditional technologies that were neither accurate nor efficient." This challenge catalyzed Vectra AI’s focus on network security, a pivotal yet intricate domain within cybersecurity. Despite initial hurdles, their technology has now evolved into an adept system for swiftly pinpointing and prioritizing threats across both network and cloud environments.
Fisher emphasizes the critical role of AI in cybersecurity, particularly in addressing the industry's widespread skill shortage. "Our approach to threat identification and prioritization changes the dynamic of cybersecurity workloads, enabling a more strategic focus on protecting businesses," he notes.
Looking ahead to 2024, Fisher foresees a continuation of the trend where cyber threats evolve from targeting human vulnerabilities to exploiting network infrastructures. "In 2023, we observed an uptick in data breaches, surpassing those in 2022, with attackers increasingly concentrating on network infrastructures," he comments. This trend, according to Fisher, is likely to persist, exacerbated by the expanded network infrastructure rapidly deployed during the increased remote work era.
On the impact of generative AI, Fisher describes it as a "search engine on steroids." While it enhances defenders' capabilities in context analysis and accelerates the learning process, it also arms attackers with more sophisticated tools for social engineering. "Generative AI has significantly improved the realism of phishing emails, thus amplifying their threat potential," Fisher asserts.
For 2024, Fisher predicts a heightened focus on previously under-considered areas like data center infrastructure and the detection of lateral movements within networks. He cautions about the complexity of modern hybrid networks, which present new challenges in identifying and thwarting these movements, frequently exploited by attackers.
Fisher also addresses the evolution of cyberattack methods. "Attackers typically begin with the most common systems, like Windows endpoints. As these systems become more secure and harder to exploit, they pivot to network infrastructure," he explains. This adaptive strategy of attackers highlights a broader trend in cyber threats, where assailants continually seek out new vulnerabilities to exploit.
On the subject of security strategies, Fisher advises a comprehensive coverage approach. "We must view our enterprise as a unified target, as attackers do. This involves prioritizing threat identification and validation, coupled with regular practice of response mechanisms," he suggests. He stresses the importance of a proactive, integrated approach to cybersecurity, one that encompasses all aspects of an organization's digital footprint.
Wrapping up the discussion, Fisher's insights paint a detailed picture of the 2024 cybersecurity landscape, heavily influenced by advancements in AI. The conversation underscores Vectra AI's commitment to remaining at the forefront of this evolving field, highlighting the necessity of innovative, AI-driven solutions to counter sophisticated and continuously evolving cyber threats. This forward-looking perspective serves as a clarion call for organizations to adapt and strengthen their cybersecurity postures in an increasingly AI-dominated world.