AI and ML: The Keys to Better Security Outcomes

December 6, 2023

From reducing complexity in the architecture to supercharging risk posture, building cyber resilience should be top-of-mind for every organization. But what does it take to achieve true cyber resilience in today’s rapidly changing cybersecurity landscape? How do you stay ahead of the latest threats while defending against zero-day attacks?

 

I had the pleasure of speaking with Anand Oswal, senior vice president and general manager of network security at Palo Alto Networks. He shared his thoughts on the direction of enterprise security and how organizations can prepare for what’s next.

 

 

Three Major Trends in Cybersecurity

 

  1. The Move to the Cloud
    Cybersecurity is constantly evolving, but the present landscape is undergoing a distinct transformation.

    According to Oswal, more workloads are rapidly moving to the cloud, with network and cloud security architects rethinking how to secure their shifting infrastructures. Migrating from on-premise data centers to the cloud often leaves critical security gaps, and misconfigurations open organizations to attack.

  2. Remote and Hybrid Work
    Despite recent return-to-office initiatives across the industry, flexible work arrangements are here to stay. Oswal notes that organizations are grappling with securing applications and users wherever they are located.

    “Ensuring that we’re able to secure a hybrid workforce in a consistent manner with best-in-class security — and also have consistent policies for users no matter where they are — is going to be very critical.”

  3. The Changing Threat Landscape
    Oswal explains that adversaries are using artificial intelligence (AI) and machine learning (ML) to launch sophisticated cyberattacks. These malicious actors can generate attacks at scale and overwhelm traditional cyber defenses.

 

 

The Role of Data in AI

Our discussion goes deeper into the impacts of AI and ML on cybersecurity. Oswal emphasizes how traditional approaches to cybersecurity can’t keep up with today’s threats.

 

Take URL filtering as an example, where policies were created based on URLs labeled and stored in a database. Today, malicious actors can easily activate and deactivate URLs, making databases obsolete before security teams can respond.

 

He also emphasizes that AI and ML are key to analyzing data and recognizing attack patterns. This requires large amounts of data from across your infrastructure — network, endpoint, cloud and other critical enforcement points. When stitched together, this data provides key insights into your infrastructure, drives attack recognition and enables rapid incident response in the event of a breach.

 

“You can only have good cybersecurity through AI and ML. It’s almost impossible to do it manually,” says Oswal. “Cybersecurity is the only industry with active adversaries. Those adversaries are using the power of AI and ML, and attacks are getting more and more sophisticated.”

 

 

Why Security Consolidation is Key to Better Outcomes

Pulling data from across your entire infrastructure for AI is challenging when your products and services are siloed. They use different datasets, contexts, logging conventions and UIs, hindering AI’s ability to recognize patterns. But with security consolidation, your security products work seamlessly together to share intelligence and defend against sophisticated attacks.

 

Consolidation is more than using AI to detect threats, as Oswal explains. It also reduces “the overall complexity of your environment.” Today’s organizations on average employ 31.5 security tools — each with its own procurement, implementation and maintenance requirements.

 

By consolidating your detection tools, you can significantly reduce the resources needed to manage these processes, build strategic relationships with your vendors and achieve better security outcomes.

 

 

Securing Your Organization Starts with Consolidation

So, what advice does Oswal have for security leaders in today’s changing cyber environment? It all comes down to the right approach.

 

“As you look at consolidation, an important factor is: how do you ensure enterprise-wide Zero Trust? How do you get consistent security for users accessing applications and data from any device, on any network, from any location? How do you get consistent best-in-class security? How do you ensure the most optimal user experience? And how do you ensure the best experience for NetSec admins? All of this is only possible when you have a platform-centric approach.”

 

Security leaders have a tremendous opportunity to rethink their defenses and build an AI-driven risk posture. That starts with choosing a partner that combines best-of-breed security with a platform approach.

Lakshmi Kandadai
Director of Product and Solutions | Palo Alto Networks
Lakshmi Kandadai serves as director of product and solutions marketing at Palo Alto Networks. She is responsible for driving the marketing strategy and execution — from awareness, enablement and demand generation for cross-portfolio.

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.