Saurabh Sharma, senior security researcher for the Asia Pacific Global Research and Analysis Team (GReAT) at Kaspersky , said that if cybercriminals can harness the power of artificial intelligence ( AI ), then in turn cyber security teams can also utilize this technology to kind.
“By 2022, Asia Pacific needs to fill the cyber security talent gap of 52.4 percent in line with the driving force of the digital economy,” he explained in a release shared Monday, September 4, 2023.
This urgent need may prompt IT security teams to consider using intelligent machines to enhance their organization’s cyber defense and AI can assist in key areas such as threat intelligence, incident response and threat analysis.
Threat intelligence is an aspect of cyber security that involves gathering relevant information about cybercriminals. Sharma said AI algorithms can be used to quickly access and analyze previously published research and previously seen tactics, techniques and procedures (TTPs), leading to the development of threat hunting hypotheses.
He said from a cyber incident response perspective, AI can suggest anomalies in a collection of provided logs, understand security event logs, generate specific security event log views, and recommend steps to look for early implants such as web shells.
In terms of threat analysis or the stage where cyber defenders try to understand how the tools used in an attack work, Sharma notes that technologies like ChatGPT can even help to identify critical components in malware code, deobfuscate malicious scripts, and create servers. dummy web with a certain encryption scheme.
But Sharma highlighted the limitations of AI in building and maintaining cyber defenses. He reminded companies and organizations in Asia Pacific to focus on expanding existing teams and workflows.
He also suggested that transparency should be part of the exploration and application of Generative AI, especially when it provides misinformation. In addition, all interactions with Generative AI must be logged, available for review, and maintained for the life of the product deployed in the enterprise.
“AI has clear benefits for cybersecurity teams, especially in automating data collection, increasing Mean Time To Repair (MTTR), and limiting the impact of each incident,” he explained.
According to him, if used effectively, this technology can also reduce the skill requirements for security analysts. But organizations must remember that smart machines can augment and complement human capabilities, but not replace them.
Source : Tempo.co