Use AI to Produce Content to Alert Users to Cyberthreats
It might be easy for me to question why you must open attachments or click on links, but the truth is that my customers are driven to conduct their business. You have to look through the eyes of the customer, and the customer has to open that message. So, the challenge that we are tackling is how we can use AI to share awareness information. We want to share that information to educate coworkers on what adversaries look like today.
As a cybersecurity professional, I may write in geek speak. It may make sense to me, but it may not make sense to my customers. How can we understand our adversaries and create content to educate our coworkers?
How can we leverage AI to create that content? From a staffing perspective, we have successfully grown our team, but we have to apply a certain level of prudence because we cannot hire everyone. How do we develop that content to distribute to our users so they understand the next trick an adversary will use to ensnare them?
In the cybersecurity equation, it’s always going to be the adversary, the cybersecurity program and then the user. The user and the cybersecurity professional must partner to combat what the adversary can do. The cybersecurity program cannot succeed without the user.
If the only time users see something from the cybersecurity program is once a year in a training session, I have failed in my job of telling users what the adversary looks like. How can we use the awareness program to advise the user community on how we have seen the adversary change and provide them with actionable information to defend themselves?
Analyze Patterns with AI to Thwart Malicious Activity
AI allows us to look backward to empower people to move forward. When you look at AI and cybersecurity, it’s all about analysis. Use analysis to understand what daily routines look like and how they might change. You can certainly throw more people at the problem of looking at logs or alerts or things that don’t seem quite right.
How can the machines learn what the network is doing on a day-to-day basis to look for anomalies, then pass this information off to our analysts?
Instead of focusing on 15,000 devices with a standardized image, look for the one that demonstrated different activity. Allow ML to absorb what the network looks like and to determine what’s normal and when something is wrong.
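As an added illustration (not code from the article), the sketch below finds the one device that behaves differently in a fleet of 15,000 built from the same image. A median/MAD baseline stands in for a trained model; the feature names, hostnames, sample values and the 3.5 threshold are all assumptions constructed for the example.

```python
import statistics

def fleet_outliers(fleet, threshold=3.5):
    """Return {device: {feature: score}} for devices far from the fleet baseline.

    The score is the robust z-score 0.6745 * (x - median) / MAD. Median and
    MAD are used because one misbehaving host cannot drag them the way it
    drags a mean and standard deviation.
    """
    features = list(next(iter(fleet.values())))  # assumes every row has the same keys
    flagged = {}
    for feat in features:
        values = [row[feat] for row in fleet.values()]
        med = statistics.median(values)
        mad = statistics.median(abs(v - med) for v in values)
        for device, row in fleet.items():
            dev = row[feat] - med
            if mad == 0:
                # Identical images often agree exactly on a feature, so MAD is 0
                # and dividing would fail; any deviation at all is the anomaly.
                score = 0.0 if dev == 0 else float("inf") if dev > 0 else float("-inf")
            else:
                score = 0.6745 * dev / mad
            if abs(score) > threshold:
                flagged.setdefault(device, {})[feat] = score
    return flagged

def build_sample_fleet(n=15000):
    """Constructed per-device daily counts; deterministic so results repeat."""
    fleet = {
        f"ws-{i:05d}": {
            "outbound_conns": 400 + (i % 11) - 5,   # normal day-to-day spread
            "distinct_dests": 40 + (i % 5) - 2,
            "listening_ports": 3,                   # fixed by the standard image
        }
        for i in range(n)
    }
    fleet["ws-07421"]["distinct_dests"] = 310   # constructed anomaly: talks to far more hosts
    fleet["ws-11002"]["listening_ports"] = 4    # constructed anomaly: one extra listener
    return fleet

if __name__ == "__main__":
    for device, why in fleet_outliers(build_sample_fleet()).items():
        print(device, why)
```

Only the two altered hosts are handed to an analyst; the second is caught solely by the zero-MAD branch, which is the case a standardized image produces most often.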