If you can’t combat threats in real-time, you’ve already lost: Palo Alto Networks CIO Meerah Rajavel
Summary
- AI has reshaped security for companies with a sharp rise in the sophistication and number of attacks, and the speed at which they are executed, Rajavel said.
The rise of artificial intelligence (AI) has reshaped the security landscape for companies with a sharp rise in the sophistication and number of attacks, and the speed at which they are executed.
"The time attackers take to execute has drastically reduced. In 2021, the average attack took nine days to develop. Today, it’s just three hours," chief information officer (CIO) of Palo Alto Networks, Meerah Rajavel, told Mint in an interview. "Now, tools like generative AI (GenAI) allow even novice attackers to craft an attack almost instantly. They don’t need expertise—just a prompt to generate malicious code," she added, insisting this is a "nightmare" for security personnel.
Similarly, dwell times—where attackers linger before extracting data—have shrunk from weeks to mere hours. Rajavel recounted a healthcare breach where attackers extracted terabytes of data in just 25 minutes. Also, attackers now use AI to craft sophisticated phishing emails or deepfakes.
"Imagine receiving a convincing call from someone pretending to be a loved one in distress, or a CFO (chief financial officer) on a Zoom call instructing an employee to transfer funds. These threats are no longer hypothetical—they’re happening now," Rajavel said, underscoring how GenAI has made such attacks more accessible.
"If you can’t combat threats, or protect your assets, in real time, you’ve already lost," Rajavel asserted. "When attackers are leveraging AI, we can’t rely on traditional defences. We must combat AI with AI," she added.
Hybrid work challenges security
That said, the rise of hybrid work environments (work from home and office), too, is giving rise to more security challenges. Rajavel agreed that the covid pandemic made mobility a given across all industries. "It’s no longer about differentiating between working from home or the office. Mobility now means anywhere, anytime, on any device—whether it’s an iPad, laptop, or mobile phone. The flexibility is essential," she pointed out.
"What’s needed is a unified platform—security policies must be consistent. The system should safeguard users against malicious URLs (internet addresses), threat vectors, and malware while providing deep inspection across all devices," Rajavel said. But she stressed the need for a balance between maintaining robust security and respecting user privacy, particularly when personal devices are involved.
The problem, Rajavel explained, lies in companies using multiple security tools. Many organisations grapple with an average of 50-60 security tools, each addressing a specific use case. "Every new technology brings a new tool. For example, Zero Trust Network Access (ZTNA, which provides secure remote access to apps and services) for remote work, another tool for cloud access, and yet another for container security; it’s a patchwork approach that complicates security management," she added.
Palo Alto Networks, on its part, has reduced its own security tools "from over 40 to just 14". "Integration is the only way to enable real-time, AI-driven automation," she said.
Pivotal role of CIOs, CISOs
Thus, the role of CIOs and chief information security officers (CISOs) in this battle is pivotal. While CISOs focus on uncompromising security, CIOs prioritize maintaining a seamless user experience alongside security. "It’s two sides of the same coin," Rajavel observed. "You can’t sacrifice security for experience or vice versa. Security must be integrated from the start, not an afterthought. Think of it as cooking—security isn’t the seasoning you add later; it’s an essential ingredient from the beginning."
Rajavel also highlighted the importance of this integrated approach in balancing legacy and modern systems. "In any large enterprise, you’ll have a mix of greenfield and brownfield projects. Greenfield projects allow for better security integration. For legacy systems, encapsulation through modern architectures like APIs (application programming interfaces) and service-oriented designs can bring them up to standard without overhauling everything," she explained.
Rajavel shared an example from Palo Alto’s own journey to password-less security. "We couldn’t overhaul 200 legacy applications overnight. Instead, we developed an authentication service with industry-standard protocols (like OAuth, SAML, and FIDO2). This abstraction layer allowed us to modernize while respecting the constraints of older systems," she added.
Multi-faceted security threats
The evolution of threats underscores the need for such adaptability. For instance, Palo Alto Networks’ own firewalls have been compromised in the past, the most recent one being in November. "Ten years ago, we couldn’t imagine today’s cyber risks. As a cybersecurity company, we’re a prime target—not just for financial gain but for the intellectual challenge. Some attackers see breaching a cybersecurity company as a badge of honour," she said.
In today’s regulatory environment, especially in the US, vulnerabilities must be reported to agencies like the Securities and Exchange Commission (SEC), Rajavel said, adding, "We ensure our customers are secured before vulnerabilities are publicly disclosed, leveraging telemetry and customer success teams for targeted mitigation."
Palo Alto Networks combats these challenges with advanced machine learning and deep learning models. "Every day, we prevent about 2.3 million new attacks, including entirely novel threats and variations of known ones. Our technology constantly evolves to stay ahead of adversaries, ensuring we protect not only ourselves but also our customers," Rajavel asserted. She also highlighted Palo Alto Networks’ proactive measures, including ethical hacking exercises like red, blue, and purple team drills, which simulate attacks to identify potential weaknesses.
Cybercriminals versus cybercops
That said, Rajavel underscored that adversaries are more organised than defenders. "Cybercriminals operate like a well-oiled supply chain, with specialised groups for infiltration, data extraction, monetisation, and laundering. In contrast, organisations often respond to crises in silos rather than as a coordinated front."
To address this imbalance, Palo Alto Networks works closely with governments and public sectors worldwide, shaping cybersecurity policies and standards. "We’ve collaborated on post-quantum cryptography with National Institute of Standards and Technology (NIST), setting standards to prepare for the future of encryption threats. Governments, including India’s, are taking cybersecurity seriously, introducing stricter reporting mandates and fostering innovation," she said.
NIST sets standards in the US for post-quantum cryptography, which entails developing encryption methods that can resist attacks from quantum computers.
Rajavel also reflected on the evolving role of CIOs. "They (CIOs) are responsible for driving revenue, optimising efficiency, and ensuring customer and employee satisfaction. But the fourth pillar—security—must underpin all three. CIOs and CISOs are truly the Guardians of the Galaxy (reference to the sci-fi film), ensuring seamless operations while countering ever-evolving threats."
The fragmented global cyber security market size was estimated at $222.66 billion in 2023 and is forecast to touch about $500 billion by 2030, according to Grand View Research, Inc. Other than Palo Alto Networks, cybersecurity companies include Cloudflare, Microsoft, SonicWall, Check Point Software Technologies, Cisco Systems, FireEye, Fortinet, IBM Corp., McAfee, Sophos, and Trend Micro.
Key Takeaways
- Palo Alto CIO Meerah Rajavel said that in 2021, the average cyberattack took nine days to develop while today, it’s just three hours.
- Dwell times—where attackers linger before extracting data—have shrunk from weeks to mere hours.
- Attackers now use AI to craft sophisticated phishing emails or deepfakes.
- If you can’t combat threats, or protect your assets, in real time, you’ve already lost.
- Cybercriminals are better organised than cybersecurity departments of organisations.