Gaining an Edge: Using AI to Thwart Cybercriminals with AI-Facilitated Attacks

It's important to be aware of both the benefits and dangers of AI.

Edward Gately, Senior News Editor

October 12, 2023

9 Min Read
Gaining an Edge panel at CFLS helps thwart AI hackers
Golden Dayz/Shutterstock

Artificial intelligence (AI) can give partners an edge against cybercriminals who are increasingly using AI to strengthen their attacks and improve their chances for success.

It’s a well-known fact that cybercriminals are taking advantage of AI to facilitate their attacks. This is concerning for every partner working hard to protect not only their own organization from attacks, but secure their customers as well.

However, while AI presents an additional challenge for defenders, it also provides an opportunity for them to beef up their defenses and stay one step ahead of cybercriminals.

In the Channel Futures Leadership Summit session, “Gaining an Edge in Cybersecurity with AI: a Channel Partners Playbook,” Oct. 31, MSPs and other channel partners will learn how they can incorporate AI into their arsenals to better protect themselves and their customers. Incorporating AI into a cybersecurity practice can provide MSPs with a competitive advantage and help generate more revenue.

‘Gaining an Edge’ Panel of Cyber Superstars

Sam Ruggeri, Lincoln IT‘s vice president of business development and strategic partnerships, will moderate the session. Panelists include:

In a Q&A with Channel Futures, Diaz, Daley and Rajagopal provide a sneak peek of what they’ll share during the session.

Get in on The New Style of Leadership. Register now for the No. 1 channel event for current and future leaders. Hear industry experts and meet with more than 150 sponsors and exhibitors serving the channel at the Channel Futures Leadership Summit, Oct. 30-Nov. 2, in Miami Beach.

Channel Futures: How is your company using AI to keep you and your customers safe?

Diaz-Pamela_Entara.jpg

Entara’s Pamela Diaz

Pamela Diaz: At Entara, we understand that AI is an important addition to our operations and cybersecurity toolbelt as we work to keep our clients safe, but there are also security concerns with using AI. To mitigate these concerns, we have an internal AI policy to guide our employees’ usage. The policy includes parameters that employees cannot enter any data about our clients or our own organization into public AI instances. We take advantage of AI to improve operations and enhance our offerings, and help us develop creative ideas, but we are also cautious of its implications on our clients and our own security.

We have also shared our AI policy with clients so they can use it to educate their own employees and raise awareness. We are having conversations with clients during our regular business reviews to understand how they are using it, how they want to use it, and what challenges they want to have AI help them address.

Daley-Matthew_Virtual-Armor.jpg

Virtual Armor’s Matthew Daley

Matthew Daley: Bad actors are increasingly using AI to develop attacks so it’s important we utilize the same technology in order to identify threats and protect against them. The toolsets that we utilize on a daily basis like endpoint detection and response (EDR) solutions, security information and event management (SIEM) solutions, and extended detection and response (XDR) platforms use AI and machine learning (ML) to analyze and correlate data to identify threats.

Krishna Rajagopal: Our company has taken AI integration to the next level by incorporating it in unique, tailored ways. Here are some specific examples:

  • Behavioral analysis: Our AI systems monitor network behaviors, identifying deviations that might signify a breach.

  • Phishing detection: Leveraging natural language processing (NLP), our AI scans emails for subtle signs of phishing attempts, often catching threats that traditional filters might miss.

  • Emerging threats: Based on historical data and emerging cyber threat trends, our AI tools can predict potential future attacks or vulnerability exploits, allowing us to reinforce those specific areas.

By embracing these AI-driven tactics, we’ve transformed our cybersecurity approach from reactive to proactive, ensuring that we and our clients are not just …

… shielded, but ahead of the curve.

CF: How has AI helped your company stay ahead of cybercriminals and their latest tactics?

PD: We are constantly evaluating new tools to help our clients and team stay ahead of the evolving threat landscape. There are many security solutions that use AI and ML, but we are carefully vetting them before even considering introducing them to our clients’ or our own environment. It’s important to remember that AI is a big buzzword right now, and we cannot be distracted by that.

One example of a new solution … is a new microsegmentation tool that uses AI to learn a client’s environment and improve the tool’s coverage over time. One trend we will likely see is leveraging AI to translate logs into human readable format. This can be used to not only assist your team with quicker response times, but also help communicate the logs to clients in terminology they can understand.

MD: The AI engines behind the toolsets we utilize will look for known patterns of malicious and anomalous behavior that can often result in the detection of new variants in malicious activity. For example, cybercriminals continue to create new versions of ransomware, and we use AI and ML to identify those new variants and stay ahead of them. An AI-driven approach enables us to spot and manage threats that might get missed by rules-or behavioral-based detection approaches.

Rajagopal-Krishna_Akati-Security.jpg

Akati Security’s Krishna Rajagopal

KR: AI has reshaped our approach to cybersecurity in tangible, innovative ways. Here are specific examples that highlight its impact: adaptive defense mechanisms; deep learning for dark web monitoring; automated red teaming; and real-time data correlation.

With these specific integrations, our AI capabilities don’t just help us keep pace with cybercriminals. They allow us to foresee and preemptively counter their moves, ensuring our defense mechanisms are always one step ahead.

CF: What would be your advice for MSPs and all channel partners who want to incorporate AI in their cybersecurity, but aren’t sure how?

PD: I would advise MSPs looking to implement AI into their cybersecurity to first and foremost educate themselves on the risks, challenges and benefits of AI. They need to determine what AI means to their organization and what challenge they are trying to solve with it. AI usage needs to be strategic and purposeful. Consider starting small and addressing existing manual processes, keeping in mind that not all AI needs to be chatbots, but it can be much cheaper when you train AI for only it’s specific purpose.

Additionally, it is so important that you educate your employees on the implications of using AI, especially if you are not using your own instance. Privacy and plagiarism come into play when using a public instance like ChatGPT. Finally, think about how AI can be used to help you free up some budget. Cybersecurity budgets are commonly questioned or cut. Think about how AI can be used to lower your costs so you can offer more competitive pricing to your clients.

MD: To really lead in this area, an organization needs deep in-house expertise and robust – and evolving – technology and processes.  A great way for MSPs to ensure they can stay competitive is to partner with an MSSP for the delivery of cyber services. We do that with several MSP partners. We’re an MSSP, and given our focus on network and cybersecurity, we provide the backend cyber services for our MSP partners and help them ensure the services continue to evolve to match the risk environment.

KR: Incorporating AI into cybersecurity can seem daunting, but with the right approach, it becomes a …

… transformative experience. Here are concrete steps and examples:

  • Identify immediate needs.

  • Automate routine tasks.

  • Invest in training.

  • Human-AI collaboration.

  • Stay abreast of innovations.

Think of AI as both a scalpel and a Swiss knife. It can be precisely what you need for a specific problem, but it can also be a versatile tool addressing a multitude of challenges.

CF: What do you hope attendees can learn and make use of from this session?

PD: I hope that attendees learn the implications of AI, and both its benefits and possible downfalls. I want attendees to know that AI is an important technological evolution, but one that has to be approached thoughtfully. I want to teach attendees that they don’t need to be nervous about AI and implementing AI into their security stacks. They just need to be cautious and educate their employees. Be as thoughtful with your AI strategy as you are with your security strategy, and only buy tools once you thoroughly vet them and consider the value they are giving your organization.

MD: I hope they understand that AI is an upcoming important part of their cybersecurity practice and the business world more generally. In order to stay ahead of cybercriminals, we have to utilize everything at our disposal, which means learning the newest technologies, like AI and ML. AI offers tremendous new opportunities, but also creates new risks and exposures. Education and thoughtful application can help business leaders to capture the potential and avoid the potential pitfalls.

KR: My goal for this session is multifaceted:

  • Grasp real-world AI applications: By showcasing real-case scenarios, like how AI-driven algorithms detected and mitigated zero-day vulnerabilities or the way NLP thwarted sophisticated phishing attempts, I hope attendees can envision how AI can be implemented in their own environments.

  • Acknowledge the dual nature of AI: Just as we discuss the triumphs of AI, it’s equally crucial to spotlight its challenges. Reflecting on incidents where AI systems were misled or generated false alarms can serve as a lesson on the importance of continuous refinement and human oversight.

  • Equip with actionable steps: Beyond theoretical knowledge, I want attendees to walk away with actionable insights. This might range from a road map on how to begin integrating AI into their operations, to lists of trusted AI vendors and platforms to explore.

  • Cultivate a forward-thinking mindset: AI is not just about the present, it’s about the future. Through discussions on emerging AI trends and potential next-generation threats, I hope to instill a proactive, future-ready approach in attendees.

Ultimately, I want everyone to leave not just informed, but inspired, ready to harness the power of AI, but with the prudence to navigate its complexities, ensuring a robust and resilient cybersecurity posture for their organizations.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

Read more about:

MSPs

About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like