Express Computer
Convergence of AI and cybersecurity has truly transformed the CISO’s role: Rajtilak Majumdar, PwC

As cyber threats grow in sophistication and cloud adoption accelerates, the intersection of artificial intelligence and cybersecurity is fast becoming both a necessity and a competitive advantage for organisations. In this in-depth conversation, Rajtilak Majumdar, Deputy CISO at PwC, shares his expert perspective on how AI is transforming cloud security, from real-time threat detection and predictive analysis to governance, transparency, and AI-versus-AI defence strategies. Drawing on practical experience, he discusses the evolving role of CISOs, the core pillars of AI-enabled protection, and the importance of aligning cutting-edge technology with robust governance frameworks to secure today’s hybrid and multi-cloud environments.

PwC’s 2024 Global Digital Trust Insights found that one in every four organisations experienced a data breach in their cloud environment in the past year. Given this, how do you see AI transforming the way organisations detect and neutralise threats in real time across the cloud or broader ecosystem?

That’s an important point. Whilst the challenge is often associated with the cloud, AI’s role extends to on-premises infrastructure as well. The most significant impact of AI in security at present is in automation and predictive analysis. Automation, especially when enhanced with AI, such as integrating models like Copilot Security with tools like Microsoft Sentinel, allows organisations to monitor thousands of indicators of compromise in milliseconds and receive instant assessments. This kind of automated detection and response was previously a highly manual and time-consuming task.

Predictive analysis is another crucial advantage. For example, with AWS GuardDuty, we can analyse massive volumes of cloud activity logs and instantly flag anomalous behaviour, such as unauthorised data access from unusual locations. Tasks that might have taken a security engineer hours can now be achieved in minutes, thanks to AI.

Nevertheless, the technology isn’t yet fully matured; human-led oversight and monitoring remain essential. But AI is certainly helping to quickly trigger and isolate problematic workloads, not just reactively but proactively, as predictive analysis capabilities improve.

According to PwC, 53% of businesses are now embedding AI into their cybersecurity strategies. What does this convergence of AI and cybersecurity mean for the role of a CISO in the cloud era?

The convergence of AI and cybersecurity has truly transformed the CISO’s role, especially post-pandemic when user locations and systems have become unpredictable. Traditionally, CISOs operated primarily as reactive defenders, responding to alerts and attacks as they arose. Now, with AI-driven predictive analysis, we’re moving into a much more proactive space. CISOs are becoming strategic risk managers, able to anticipate threats and respond with advanced tools. Implementing concepts such as zero trust, where verification is required for every access request, no matter where it originates, makes it easier to pinpoint and neutralise attacks. Alongside defending against threats, CISOs must ensure robust governance and policies that account for rapidly changing business and technology landscapes, particularly since access patterns, application architectures, and the location of data and users are constantly evolving.

With increased digital complexity and rising cloud workloads, visibility across environments is a top concern for security leaders. How are you leveraging AI to help bridge this visibility gap and provide actionable intelligence across hybrid and multi-cloud setups?

Visibility is indeed a major challenge, but AI makes it far more manageable. AI-driven platforms can integrate with a wide range of tools: endpoint security, DLP, vulnerability and file integration management. These tools now regularly include AI-powered analytics. For example, unlike traditional anti-virus solutions relying solely on signature-based detection, AI-powered systems can monitor application behaviours for anomalies (such as a calculator programme attempting to connect to external servers). Similarly, advanced behavioural analytics allow us to detect deviations from standard user profiles, helping to spot abnormal or risky activity much more quickly. These advances give us holistic visibility across users, applications, and infrastructure, an essential benefit in today’s hybrid and multi-cloud environments.

What are the core pillars required to achieve real-time threat detection in the cloud using AI?

Achieving real-time threat detection in the cloud through AI requires the integration of several foundational pillars that work in concert to address the complexity and speed of modern digital environments. At the heart of this approach is the adoption of a Zero Trust Architecture: rather than assuming implicit trust based on network perimeters, this model treats every access request, whether to data, applications, or infrastructure, as potentially hostile, enforcing strict verification and comprehensive compliance controls. Alongside this, Unified Data Collection and Integration is essential, demanding the continuous aggregation and correlation of logs and telemetry across a vast array of devices, applications, and user activities. This ensures that the monitoring systems have a panoramic and current view of the entire operational landscape. Central to effective detection are Advanced AI and Machine Learning Models, which use behavioural analytics, anomaly detection, and pattern recognition to uncover both familiar and novel threats, sometimes even identifying risk to employee wellbeing via monitoring of unusual activity patterns. To handle the deluge of alerts and respond with agility, Security Orchestration, Automation, and Response (SOAR) platforms automate routine security actions, enabling human engineers to concentrate on higher-level analysis and decision-making. Moreover, given the relentless evolution of both technology and adversarial techniques, continuous learning and adaptation is indispensable: policies, processes, and skills must be regularly updated to keep pace with advances in AI tools and threat tactics. It is also crucial to leverage cloud native security architecture by understanding and enabling the security features provided natively by cloud platforms such as AWS, Azure, and GCP, thus avoiding unnecessary duplication and taking advantage of the latest innovations.

Finally, integrating threat intelligence and governance ensures that AI-driven detection is enriched with up-to-date threat feeds, and that all processes are underpinned by clearly defined, regularly reviewed policies and governance mechanisms aligned with both organisational AI goals and the regulatory environment. Collectively, these pillars enable organisations to detect, respond to, and neutralise cyber threats in real time, safeguarding the cloud ecosystem against both current and emerging risks.

With AI taking centre stage in security and many new threats emerging, how are CISOs ensuring that AI-based threat detection remains explainable and auditable, especially when dealing with regulators and boards?

To be honest, the industry is not fully prepared yet. Many tools offer advanced services, but whether they are truly explainable AI (XAI) is a key concern. Clear, transparent reasoning behind AI-generated alerts is not always available, which can result in false positives and ambiguity. Human oversight is still vital for clarification. When selecting tools, CISOs must prioritise transparency and auditability. Detailed audit trails are not just a regulatory requirement, but essential for passing standards such as ISO. Establishing a robust AI governance framework with risk-based approaches tailored to business needs helps to ensure accountability, explainability, and regulatory compliance. Also, knowing exactly where data comes from and who has access, particularly when using AI models such as generative AI, is crucial.

With AI now being weaponised by threat actors, what proactive strategies should CISOs adopt to build AI-native defences in the cloud?

Threat modelling must evolve. Traditional frameworks need to be updated for the AI age. Certifications and frameworks focused on AI governance help in this area. Proactive, AI-augmented threat hunting enables security teams to continuously analyse patterns and detect anomalies with large datasets, something manual teams cannot match. But transparency of these AI detections is vital. Continuous model monitoring is needed to adapt to changing business and compliance requirements.

Advanced deception techniques, such as AI-driven dynamic honeypots (decoy assets), can confound attackers by adapting based on their behaviours in real time. Zero trust also remains central, especially as it integrates user behavioural analytics. AI-based red teaming, using AI to simulate attacker tactics, can further test and improve security strategies.

Do you think the future of security is a race between your AI and your adversaries’ AI?

Absolutely. Adversaries are already using AI and are intimately familiar with their tools and data. Defenders must know their environment intimately and build or thoroughly vet their own AI. It’s imperative to stay ahead by continuously innovating and adapting.
