Saturday, November 2, 2024

Fortifying Digital Infrastructure: Why Companies Must Strengthen Cloud Security Before Going ‘All In’ on Generative AI

Must read

Cloud computing has quickly become the bedrock of modern business operations, offering teams scalable, flexible and cost-effective data solutions. Yet, according to a recent Cloud Security Alliance survey, only 23% of organizations reported “full visibility” into their cloud environment. A full 77% of respondents also “feel unprepared to deal with (related) security threats.” The findings point to broader complexity – and so some uneasiness – still tied to the cloud. This can pose real challenges, including lax controls or misuse of cloud assets, which eventually may lead to unintended and unnecessary risk exposure of some of the most sensitive and mission-critical infrastructure supporting the organization.

While the technology certainly enables greater efficiency and connectivity, among other perks, it introduces inherent security challenges. This is particularly true if organizations have a limited contextual view of their cloud assets, digital identities and permissions, which can be leveraged by threat actors. Tackling related security challenges requires proactivity across the board, an area where generative AI (GenAI) can lend a hand, with a caveat.

GenAI can autonomously scrutinize a range of assets, vulnerabilities, threats and other datasets, and pinpoint organizational risks – offering context far faster than its human counterparts. The technology also has great potential for scaling and automating security practices, but to be effective, organizations need to have a strong security foundation.

Sorting Organizational Assets

To be clear, the security potential of GenAI is promising. Let’s illustrate: Consider an entire fleet of enterprise workstations and endpoints. Now, consider the time-consuming process of reviewing cloud resources for misconfigurations and vulnerabilities or fine-tuning permissions and entitlements to achieve least privilege. If performed manually, this is a lengthy process and can leave the organization vulnerable to attacks.

Automated features built into GenAI tools like creating human-readable and clear explanations of findings can cut down on that processing time, ingesting diverse datasets and swiftly furnishing context to analysts. It can even pinpoint devices known to be affected. But, more on that later as I believe there are some important preliminary hurdles to clear before teams lean too heavily on this type of AI.

Preparedness is Key

Despite AI’s luster, organizations should prioritize fundamental cloud security controls, and ensure their infrastructure is sufficient before building out their GenAI toolkit. Think of GenAI as a colleague that you can inform and guide. As the garbage in, garbage out concept suggests, if you have poor foundations and provide GenAI with wrong guidance, you will simply get the wrong kinds of outputs and scale the wrong things. Premature deployment of GenAI can set businesses down a path of misuse (or underuse), or spur wider confusion in an already complex environment. Of course, this complexity could deepen, should organizations change their cloud service provider or provision new assets.

By remaining focused on the fundamentals, however, organizations will firm up their security posture. So, amid any cloud migration or SLA change, teams should first ensure the following:

  • Comprehensive visibility and monitoring capabilities
  • Effective, codified management processes for identities and permissions
  • Robust data protection measures, particularly in multi-cloud environments
  • A single-pane view of telemetry data from disparate application and infrastructure security tools
  • The ability to fuse information about multiple aspects of security such as network, posture, identity, etc., to identify toxic combinations of attack paths that leave your organization vulnerable

Elevate Security Posture

It may sound peculiar that an integral piece of the GenAI adoption journey is avoiding it until the organization hits a certain maturity level. But, this is the kind of thoughtful decision-making that can pay dividends over time. With the proper rails in place, AI can more effectively scan environments and mitigate overall risk.

However, for those AI enthusiasts: Don’t fret. Once the organization’s cloud architecture is validated by security, risk and compliance teams – along with buy-in from leadership – it may be time to deploy AI’s watchful eye. Again, there are several benefits that it can present.

First, let’s revisit the potentially misconfigured cloud resources scenario from earlier. In real-time, GenAI tools can significantly narrow down the number of potentially vulnerable resources. It can provide contextual analysis, pinpointing areas of greatest risk to the organization, as well as identifying workloads that don’t meet your regulatory, legal, compliance and other standards.

Armed with more granular insights provided by GenAI, security teams can quickly determine where to concentrate efforts and prioritize patching. In doing so, they’ll neutralize a potentially catastrophic business risk.

The Dependable Copilot

The ability of GenAI to hone in on specific threats in cloud environments is certainly impressive. In more mature cloud environments, GenAI can also:

  • Simulate a multitude of attack scenarios – stress-testing the infrastructure and applications in a controlled environment before deployment.
  • Dynamically adjust access privileges based on user behavior patterns – identifying anomalous activity and then acting on it by halting unauthorized access.
  • Automatically trigger the incident response chain in the event of a cyber incident, slashing response times and reducing the need for excessive manual inputs.
  • Automate the creation of threat intelligence reports – AI can synthesize telemetry data and generate unique insights faster than ever, which practitioners can then further analyze.
  • Create simplified explanations of findings in an easy-to-digest format, enabling security practitioners to communicate security status with key stakeholders succinctly.

The Measured Approach

GenAI can truly help move the needle in cloud security. Still, in my many industry conversations, I urge organizations to focus on those fundamentals before taking a headlong dive into AI. This way, organizations can establish and then familiarize themselves with their cloud assets and capabilities before offloading key workflows.

GenAI should be deployed as any technology in a result-oriented approach – establish a clear purpose the organization already fulfills in some other way, define clear KPIs, measure the results, communicate results with stakeholders and then expand adoption or revert it based on those results.

This deployment timeline is beneficial for the practitioners charged with cloud management and oversight and will arm the AI with the parameters and data it needs to be successful.

Latest article