Cybersecurity has become an increasingly important issue for businesses of all sizes. They are also realizing the importance of staying on the cutting edge of data protection as technology evolves and new threats emerge in order to protect their company and assets.
During a roundtable discussion organized by Microsoft, on Thursday, security experts discuss the current threat landscape of cyber-attacks, with a focus on the growing use of artificial intelligence (AI) by businesses and threat actors. They also explore how businesses can utilize AI to enhance their cyber resilience.
“Security is one of the top two priorities for every organization and is integral to driving sustainable innovation across all industries,” said Irina Ghose, the Managing Director of Microsoft India.
Shedding light on the role AI can play in developing scalable solutions to combat emerging cyber risks Ghose said, "At Microsoft, we have always prioritized embedding built-in security and responsible AI in our technologies as we strive to shape the world."
Chandan Pani, Chief Information Security Officer (CISO) at IT services company LTIMindtree, emphasized the need for a fresh perspective on the future of security. He said, "With the rapid advancements in AI and the widespread adoption of cloud technology, we are seeing technology permeate into personal domains and areas where it was previously absent. As a result, trust in online systems is being challenged.”
Pani suggested distributing the responsibility for cybersecurity to end users by enabling them. He believes that human beings are the strongest enablers in cybersecurity and that AI can be used to automate routine tasks such as orchestration and compliance requirements.
Akshaya Patel, the General Manager and CISO at NTPC Limited, a public sector company in the power generation space, noted, “The digitization wave sweeping across industries has significantly increased the demand for robust security measures. Traditional boundaries are blurring, and the integration of AI adds an extra layer of complexity to the situation.”
Patel also said that while AI contributes to the complexity of security threats, it also presents an opportunity to effectively counter those threats. For example, AI can help with faster malware detection, phishing detection, security log analysis, network security, endpoint security, and more.
In addition, experts believe that emerging technologies, like Generative AI, which gives rise to a new generation of cyber threats, can at the same time, strengthen business defense. By analyzing large amounts of data and recognizing patterns and anomalies, generative AI can quickly identify threats as they arise.
According to Ghose, to fully realize the transformative potential of AI, it is essential to responsibly harness the technology and establish a framework of trust. “Developing a comprehensive responsible AI framework that includes practices, tools, governance, responsibilities, and more is crucial. This framework should enable responsible AI by design, resulting in increased transparency and trust across the AI lifecycle,” she said.
The leaders also emphasized the importance of fostering a cybersecurity-focused culture for long-term organizational success. They highlighted the need for a model that empowers end users with AI tools and skills, placing responsibility in their hands as a crucial step toward strengthening cybersecurity.
According to Surfshark, India ranks second globally in the number of data breach cyber-attacks on its enterprises and 14th in average data breach costs. Specifically, the average cost of data breach in India has reached an all-time high of ₹17.9 crore, according to the Cost of a Data Breach report 2023 by tech major IBM published on 23 July. This is close to a 30% increase in the breach incidents in 2020, the report said.
The most common type of attack in India is phishing, followed by stolen and compromised credentials. Social engineering, a manipulation technique to solicit information from people, was termed as the ‘costliest’ root cause of data breaches at ₹19.1 crore, followed by malicious insider threats (₹18.8 crore).
“The report further shows that security AI and automation had the biggest impact on keeping breach costs low,” said Viswanath Ramaswamy, vice president, technology, IBM India and South Asia. He added that companies which used AI were able to limit the data breach time cycle to 225 days, compared to 378 days taken by companies which did not. Such organisations with extensive use of security AI and automation could also cut data breach costs by ₹9.5 crore.