This year has shown that security teams must play a greater role in combating advanced attacks by helping organizations better understand risks and educating employees. “Using AI and machine learning can help counterintelligence efforts, help teams make decisions and counter attacks by ingesting large amounts of data,” he said.
Third-party threats have become more sophisticated and widespread
The growing dependence on third parties continues to promote breaches that endanger user communities and at the same time, they have become more complex in different areas, according to Bethany De Lude, CISO at The Carlyle Group.
“As companies have adopted more cloud-based and SaaS business models, new challenges have emerged in managing risk in an information environment defined by ownership – not a traditionally controlled boundary,” he says.
In response, De Lude believes that new, effective methods of data and vendor management will emerge that take into account the changing boundaries and how security is more focused on who has access to data and systems, rather than where those systems are located.
“They will have to deal with how modern businesses operate in a complex, connected and distributed environment,” he said.
AI and automated risk management
This year it showed how new tools that use AI to automate Q/A testing and regression at scale reduce the burden on teams and accelerate safe and efficient repair processes, according to Rick Doten, VP, information security and CISO at Carolina Complete Health.
“These corrective action tools support prioritization, normalization, and iteration of findings to be routed to the appropriate team, and tickets are created to assign to specific individuals,” he says.
While this can already be done with security orchestration, automation, and response (SOAR) tools, it requires people to create automated documents and processes and workflows to support automation.
AI-backed tools address resource limitations and the challenge of responsibility for fixing findings across teams that may have different maintenance workflows and ticketing systems. “With the dynamic nature of cloud environments, of course [AI tools are] it’s important because we have tens of thousands of items found that need to be fixed at work,” said Doten.
Source link