5 minutes with: Arash Ghazanfari, UK CTO, Dell Technologies
With the global rise in AI, there has inevitably been a rise in cybercrime related to these new digital systems that businesses must know how to combat.
However, if used for good, AI has great potential to revolutionise the cybersecurity sector and improve efficiencies and methods used to combat data breaches and hacks.
We spoke with Arash Ghazanfari, UK CTO of Dell Technologies about the issue of AI in the cybersecurity sector and how it can be harnessed for good, whilst providing insight into how Dell Technologies is strategising to transform security moving forward.
How important will AI be for businesses in the cybersecurity landscape moving forward?
"AI has the potential to bolster the cybersecurity landscape and help better protect organisations in the face of threats. However, it can also be a double-edged sword.
“On the one hand, it promises improved threat detection and response, predictive capabilities and operational efficiency. On the other hand, it creates new challenges, including hackers also being able to use its speed and automation offerings to enhance their malicious practices. With this comes the need for new solutions and an ever-evolving approach to data privacy and ethics. It also means that human operators need an intricate understanding of how the model works to trust its decisions.
“While this remains a challenge, AI still has the potential to bring considerable benefits to the cybersecurity landscape; for example, it can quickly analyse vast amounts of security data for an enterprise and make predictions rooted in continuous, real-time learning. That level of insight means it can support cybersecurity teams to better and more accurately identify threats, such as anomalies in network traffic or suspicious email content that is harder to catch by a human operator.
“AI can then further predict future threats or vulnerabilities by learning from these past incidents and threat intelligence feeds. Ultimately, it reduces the time to discover and respond to attack attempts, allowing security teams to focus on more strategic tasks rather than continuous threat mitigation.
“Although content creation may not be the first to come to mind when one thinks about AI and cybersecurity, it is an essential capability for security awareness training. By using AI to personalise training modules, the content delivered can draw on the end users' roles, past behaviours and common threats they may face. That level of specificity in training can diminish human error, which is a critical factor in many security incidents.”
How do you think that organisations can best reduce attack surfaces? What measures can they take?
“The attack surface represents potential vulnerabilities and entry points that malicious actors can exploit. To enhance security, organisations must minimise the attack surface across all domains, including edge, core and cloud, and this can be more easily achieved through automation.
“Reducing the threat surface involves implementing preventative measures, including a Zero Trust Framework. Zero Trust is a security model centred on the belief that an organisation should not automatically trust anything inside or outside its perimeters. Instead, an organisation must verify everything trying to connect to its systems before granting access.
“A Zero Trust model can be achieved by incorporating micro-segmentation, identity, and access management (IAM), multifactor authentication (MFA) and security analytics.
“Additionally, data isolation, where data is segregated into separate environments, containers, or storage units, can minimise the risk associated with unauthorised access, data breaches or other forms of cyberattacks.
“Strict access controls can also reduce the attack surface by regulating who or what can view, use or manipulate resources within a computing environment. Strict access controls are a cornerstone of a robust cybersecurity strategy, serving as a first line of defence against unauthorised access and potential breaches.
“Organisations can reduce attack surfaces by patching systems and applications and fixing known vulnerabilities that attackers could exploit to gain unauthorised access or compromise the system. Failing to apply patches promptly leaves an organisation exposed to risks.”
What is Dell Technologies doing with AI to ensure improved threat detection and response?
“We believe that modern cybersecurity should be intelligent, scalable, and automated.
“Our strategy involves staying ahead of the curve by leveraging the power of AI and ML to safeguard digital infrastructures and maintain trust in the digital realm. Internally, education is paramount to our approach. We continuously educate our user base on cybersecurity basics, conducting activities such as phishing attack simulations and internal seminars to raise awareness.
“We also encourage the responsible use of AI, allowing individuals to experiment with AI contributing to a more informed and tech-savvy community.
“One of our key initiatives is the Project Fort Zero approach to transforming security, which we also actively implement internally. We understand that no single organisation possesses a silver bullet solution to the complex challenges of cybersecurity, so we strongly emphasise on building open architectures and a broad ecosystem of partnerships across the cybersecurity industry. This collaborative approach allows us to provide a unified and holistic strategy for building intrinsically secure infrastructure and platforms for our customers.
“For example, one of the areas of focus for Dell Technologies is providing solutions around Vulnerability Management leveraging an advanced ML-based platform to scan an organisation's IT environment at periodic intervals, providing a complete view of vulnerabilities across its endpoints, network infrastructure and cloud assets.
“A report outlines each vulnerability and assigns a priority ranking of low, medium, high, or critical. This approach helps customers prioritise patching efforts on their most high-risk vulnerabilities and critical assets.
What do you predict the next 12 months will look like for businesses from a cybersecurity perspective? How does AI fit into this?
“The next 12 months will be pivotal for deepening the relationship between AI and cybersecurity within organisations. As we embrace the era of Generative AI, our approach to cybersecurity must continue to evolve alongside technological advancements.
“As AI fundamentally relies on data, control over this will become paramount. To trust these AI models, more organisations must prioritise a better understanding of their data, including its source, quality, and context. Businesses must also make sure they can train AI models on their specific data and operate based on the businesses' unique needs.
“AI will be a force multiplier to digital transformations globally. It will drive record productivity levels and allow businesses to serve customers in new and unique ways. But to unlock the power of artificial intelligence, CIOs will have to standardise and automate processes, toolchains, and workflows. They will have to rethink data storage and data pipelines and break down silos to mobilise data more than ever before.
“And, of course, they will need to think through intrinsic and zero trust security. To accommodate this business transformation, organisations must adopt modern, software-defined architectures and open ecosystems built to securely support AI from edge to core to cloud.”
******
For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.
Other magazines that may be of interest - Technology Magazine | AI Magazine.
Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.
******
BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.
BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.
