Artificial intelligence will play a greater role this year in fooling attackers and authenticating users and sessions, predicts cybersecurity attorney and consultant Chris Pierson. He was formerly the CISO at Viewpost, a payments provider, and chief privacy officer at the Royal Bank of Scotland.
The increasing number and sophistication of attacks is pushing businesses in every sector to rely more heavily on AI, he says in an interview with Information Security Media Group.
"As defenders, we've had to look at how computers are reacting, how servers are reacting, what responses are being made and done, and that had to be done in an automated fashion," Pierson says. "It's simply too time-consuming to be done by an individual security-operations operator or an analyst or a cybersecurity engineer."
Among the factors fueling greater use of AI for security is the need to streamline fraud detection.
"In 2016, everyone saw a shift away from signature-based malware detection capabilities to the traditional blacklist," he says. "Many companies, essentially larger ones, had already introduced whitelisting into their production environments, and some a little beyond that. But really what was needed was the ticking and tying of different things that were seen within the environment: different user behaviors, different user interactions, different processes on the computers that were being called and referenced together. And that was needed to gain greater defense and a greater ability to defend the corporate and production networks from attackers."
In this interview (see audio link below photo), Pierson also discusses:
- How encryption has allowed hackers to penetrate networks and systems undetected;
- The role machine learning plays; and
- How behavioral biometrics can complement AI.
Pierson is the founder and CEO of Binary Sun Cyber Risk Advisors, a cybersecurity consultancy. He is a globally recognized cybersecurity expert and entrepreneur who holds several cybersecurity patents and serves on the Department of Homeland Security's Data Privacy & Integrity Advisory Committee and Cybersecurity Subcommittee. He also is a Distinguished Fellow of the Ponemon Institute.