By Jony Fischbein is CISO at Check Point Software Technologies
2023 may go down in history as the year of Artificial Intelligence (AI) – or at least the year when business leaders and consumers alike became obsessed with generative AI tools like ChatGPT. Cyber security vendors are not immune to the hype. At the 2023 RSA conference, nearly every keynote included discussion on AI.
And for good reason. AI has tremendous potential to transform the cybersecurity industry. Check Point Research analysts have been tracking the use of AI by cyber criminals, who are using it to create more realistic phishing emails and to speed-up the process of creating malicious files. The good news is that the “good guys” are also working to incorporate AI into cybersecurity solutions. AI can be used to automatically detect and prevent cyberattacks. It can prevent phishing emails from ever reaching your inbox. And it may also reduce the time-consuming false positives plaguing IT teams.
Unfortunately, it can be difficult to parse the AI hype to understand what is real and what is simply marketing fluff. As with any new technology, there is a learning curve and many new companies are just now adding AI capabilities. When your job is to protect your company from its ever growing threat landscape, it is essential to thoroughly vet new technologies before deploying them.
So what should you look for when assessing whether to incorporate AI into your cyber security strategy? I recommend approaching AI like you would a candidate for a job on your team. Assess its effectiveness, ease of use and trustworthiness.
How is the AI being used to augment cybersecurity capabilities? One of AI’s benefits is its creativity and ability to make previously unheard of – yet genius – decisions. In 2016, Google DeepMind’s AlphaGo AI beat the reigning Go world champion, Lee Sedol. Go is an ancient and exceedingly complex strategy game. During the match, AlphaGo made a move that confused Go experts, who thought it was a strange mistake. But Move 37, as it came to be known, was actually the turning point for the match – and one which Sedol wasn’t able to overcome. It’s not a move a human would have made. Look for a solution that uses AI to prevent threats that other vendors can’t even yet detect. Ask about their innovation cycle and what threats they see on the horizon.
What is the level of AI expertise? With the current popularity of AI, many companies are rushing to add some level of AI capabilities to their products. But in this economy, CISOs are being asked to run operations more efficiently and need to justify budgets. There’s no need to pay for limited AI capabilities. Ask for third party validation of their AI solution’s accuracy to determine whether they are providing real value or simply creating more noise and false alerts.
Can AI technologies be trusted? AI models are only as good as the quality and quantity of the data they are trained with. According to Stanford Professor James Zou, “One of the best ways to improve algorithms’ trustworthiness is to improve the data that goes into training and evaluating the algorithm.” Look for a solution that provides real-time threat updates and has a large customer base. The more customers, the more training data available for the AI.
With the rate and sophistication of cyberattacks increasing every year, as CISOs we need every advantage we can find to protect our data and teams. AI may offer a powerful advantage, as long as we are deploying trusted solutions that move beyond hype to reality.
-Jony Fischbein is CISO at Check Point Software Technologies