Securing the Future: Defending Against AI-Generated ThreatsOTC Markets Group's Vlad Brodsky on the Present and Future of AI-Driven Threats
AI-generated attacks can be faster and more adaptable than human-led attacks, making them difficult to detect and prevent. Many AI systems have substantial computational power. "Computational speed and power, when used correctly, could do a lot of damage to many companies," said Vlad Brodsky, chief information security officer at OTC Markets Group and a member of the CyberEdBoard.
How can organizations defend against these attacks? They need to go back to the basics and start by educating their users, Brodsky said.
"If a savvy user wants to do something, it's going to be very difficult to stop them. You're going to need to create policies - written policies, perhaps - that will let the user know that it's not OK to take company data from a spreadsheet or Word document and paste it into either a search engine AI or other generative AI that does not belong to the company," Brodsky said.
In this video interview with Information Security Media Group at ISMG's Financial Services Summit 2023, Brodsky also discussed:
- The limitations of manual searches for indicators of compromise;
- The benefits of natural language queries;
- The security implications of embedding AI into search engines.
Brodsky's responsibilities at OTC include leading the cybersecurity strategy, program and processes as well as running the firm's IT operations and infrastructure. In his nine years with the company, Brodsky has been instrumental in improving OTC's technology processes and creating a risk-based information security program designed to satisfy business and regulatory requirements. Brodsky previously worked as a chief security officer at Innovest Systems.