Security and AI in the Hybrid Workplace
DJ Sampath, vice president of AI at Cisco, provides insights from the 2024 Cisco Cybersecurity Readiness Index on AI, security and the hybrid work landscape
In today’s hybrid work environment, the role of AI in cybersecurity has never been more crucial—or more complex—as AI bolsters security practices while simultaneously posing new threats. To explore the complicated relationship between AI and security, TechChannel interviewed DJ Sampath, vice president of AI at Cisco.
In this Q+A, Sampath offers insights from the 2024 Cisco Cybersecurity Readiness Index, highlights key challenges of implementing AI into modern IT infrastructure and how to overcome them, and discusses how business leaders can safeguard their data and networks in the ever-evolving cybersecurity landscape.
TechChannel (TC): How is AI currently revolutionizing the IT industry, particularly in terms of efficiency and operational improvements?
DJ Sampath (DS): AI is changing how organizations approach security. It gives security teams the extra time and capabilities they need to monitor their attack surface and remediate threats.
According to our 2024 Cybersecurity Readiness Index, AI is helping security practitioners get ahead of the continuous influx of attacks on systems, allowing defenders to gain an advantage over adversaries for the first time. For example, we found that 60% of organizations are leveraging AI tools to help detect threats, and almost half (48%) are relying on AI to respond. This enables the IT industry to prioritize bigger issues and help the team operate at maximum efficiency.
With AI, organizations can assist, augment and automate security workflows:
- Assist: Advances in large language models makes it easy to communicate using natural language to complex systems, making it easy to get tasks done.
- Augment: Billions of signals generated from different sources of telemetry need to be synthesized meaningfully. AI summarizes and correlates these signals for human consumption.
- Automate: AI takes away the mundane tasks we have to perform repeatedly. Automation with humans in the loop is a critical aspect of how we see AI fundamentally driving efficiency within security.
TC: What are some key challenges IT professionals may face when implementing AI in their infrastructure, and how can they leverage these challenges into opportunities for growth?
DS: According to the AI Readiness Index, in order for businesses to truly be AI-ready and implement automation safely and ethically, there are six areas that organizations need to focus on to prevent potential challenges. Organizations need to ask themselves the following:
- Strategy: How clearly defined is an organization’s AI strategy—who owns it and how is it being prioritized?
- Governance: How and where is the data being stored, processed and evaluated for policy compliance?
- Infrastructure: What is an organization’s compute power, network performance, cybersecurity capabilities and readiness to support increased power consumption?
- Talent: Do companies currently have adequate talent to match their goals, and what are the steps being taken to ensure efficiency?
- Data: What is the quality of centralization of in-house data, the sophistication and scalability of analytics tools, the proficiency of staff in leveraging AI data sets and analytics tools, and the quality and reliability of external data?
- Culture: How receptive is each level of the company to the changes triggered by AI, and how are the possibilities that AI brings being communicated through change management?
TC: In what ways does AI enhance IT security? Conversely, in what ways does AI pose a threat to IT security?
DS: AI can help organizations make informed decisions to reframe how they think about security outcomes. AI is transforming nearly every area of cybersecurity—meaning both attackers and defenders must evolve their approaches.
AI eliminates the guesswork around threats. Our Cybersecurity Readiness Index found that 87% of leaders use AI or generative AI technologies to better understand threats. AI has the ability to be the solution that IT security needs to defend against the sophisticated threat landscape and help organizations augment what humans cannot do to help close the gap.
However, the biggest threat to IT security is organizations’ failure to prepare for AI-based attacks. We found that only a quarter (25%) of organizations lack specific measures to mitigate cybersecurity threats from AI, and 68% of companies fall short of being “fully equipped” to detect and prevent adversarial attacks on AI models, with four in 10 (39%) considering themselves only moderately equipped. This means that while the industry is tracking to an AI-based future for security, it is still not ready to fight the threats it’s facing.
TC: What can IT leaders do to safeguard their data and their networks?
DS: Cisco’s 2024 Data Privacy Benchmark Study found that 94% of respondents recognized their customers will not buy from them if they don’t adequately protect data, and 91% recognized the need to do more to reassure customers that their data is being used for intended and legitimate purposes.
One critical element and enabler for building and maintaining customer trust is privacy. Governments, organizations and individuals must continue to play their respective roles, ensuring that personal data is protected and used only when legal and appropriate.
We recommend IT managers, CISOs and security leaders review the following recommendations to best protect their data and networks:
- Provide greater transparency in how your organization applies, manages and uses personal data, as this will go a long way toward building and maintaining customer trust.
- Establish protections, such as AI ethics management programs, involving humans in the process and working to remove any biases in the algorithms when using AI for automated decision-making involving customer data.
- Apply appropriate control mechanisms and educate employees regarding the risks associated with generative AI applications.
- Consider the costs and consequences of data localization and recognize that local providers may be more expensive and degrade the functionality, privacy and security of your data when compared to global providers operating at scale.
- Continue to invest in privacy to realize the significant business and economic benefits for your organization.
TC: According to the inaugural Cisco AI Readiness Index, most companies are currently categorized as Followers, meaning they have limited preparedness for AI. From a security perspective, this is alarming. Should organizations be moving faster to get ready for AI, especially in light of the security challenges posed by the technology?
DS: AI is here to stay. It’s been in the industry for a while, but now it’s more accessible and being built into products. If organizations haven’t thought about AI, they are behind. In fact, our AI Readiness Index reported that cybersecurity and IT are the two industries most urgently deploying AI.
These industries are hyper-aware of the security challenges. However, in that same study, 97% of the respondents said their organizations feel the urgency to deploy AI technologies. Leaders know it is time to move quickly and, more importantly, prepare correctly for AI. As organizations adapt AI at a rapid pace, it will be essential they also implement the correct systems to ensure accuracy and ethics across all AI tools.
TC: This Cisco blog talks about the need to combat threats at a machine scale not a human scale. Can you explain what this means?
DS: Attackers have to be right just once, but defenders need to be right every single time. Leveraging the power of AI allows us to reimagine the future of work—to keep up with today’s rapidly changing threat landscape, we need to work at machine-level speed. With Cisco’s latest enhancements, AI usage tips the scale in favor of defenders for the first time in cybersecurity defense history.
TC: In the same blog post, it is mentioned that hybrid/remote work expands the threat surface. Can you explain some of the ways that hybrid/remote work does this, particularly in light of AI?
DS: Of course, the industry needs to think of the attack surface as all systems connected to the internet. Today, we work from anywhere and everywhere, from our laptops to tablets and phones, and the threat landscape shows it. Leaders need to consider how AI increases cybersecurity vulnerabilities as it adds another attack surface and potential exploitation points.
Expanding the identity perimeter already does this, with employees connecting to different networks in different locations. Therefore, adding another layer of the threat landscape to an enterprise that is hybrid/remote—as well as the organization’s cybersecurity resilience—must be taken into careful consideration.
TC: Do you have any closing thoughts?
DS: The threat landscape is expansive, and with AI, threat actors are becoming more sophisticated in their tactics. Cisco continues to be a leader in security and AI, working to power and protect the engine of the AI revolution.