Companies
‘Generative AI to drive shift in cybersecurity’
Summary
In an interview, Terence Gomes, country head, security, Microsoft India, spoke about the difference generative AI can make in cybersecurity.NEW DELHI : There has been a growing interest in leveraging more mature artificial intelligence (AI) and machine learning (ML) models as cyberattacks become more frequent and threatening. Last week, Microsoft announced a new product called Security Copilot, which leverages OpenAI’s generative AI model GPT-4, to assist security experts. In an interview, Terence Gomes, country head, security, Microsoft India, spoke about the difference generative AI can make in cybersecurity. Edited excerpts:
Many of the modern threat intelligence solutions use AI. What additional value can the cybersecurity industry derive from generative AI?Mainstream AI is used for analytical baselining. In almost all our security platforms where a lot of baselining happens and any anomaly gets flagged off, AI and ML are involved in the background. If there are 20 different alerts, but they all are related to one incident, we converge all that into one single incident using AI.When you bring in generative AI as a co-pilot, it can do a lot more. With generative AI you can go in and feed your queries and it can return answers fast. So, it helps you with a better investigation and faster analysis. It also prompts you to take action. Generative AI can help augment what human beings can do but at machine speed and scale. So it becomes critical in security protection, investigations, and response.
How has the reaction of security practitioners to Microsoft’s Security Copilot been?Generative AI is going to be a game-changer in the industry. It is not generally available yet, but there is a lot of interest in it in India. I am excited because I’ve been in this industry for the last 25 years and I can understand the frustration that practitioners have when they’re dealing with security alerts and investigations. Looking at different signals, manually pulling out information and then trying to make it work would typically take more than a day or two.What is the reason for the skill shortage in cybersecurity? Do you see it being resolved anytime soon and can generative AI help?Generative AI is going to optimize the human element, which is still required. Skill shortage is still predicted to continue. One report in India talks about 1.5 million jobs opening up in cybersecurity. Globally, we are analyzing 65 trillion signals per day, last year, it was 43 trillion, and a few years back, it was 6 trillion. You can imagine the number of cyber signals that are out there that we analyzed to provide insights for customers. Attackers are also evolving and coming back with newer threats and approaches.
What role have regulations played in India in improving security posture?If you look at the regulatory posture, whether it is the Reserve Bank of India (RBI) giving proactive guidance to banks, which has helped banks improve their security posture. Even CERT-IN guidelines that have come for larger organizations have driven a lot of awareness and helped in bringing management effort and prioritization, which in turn helps security practitioners to implement controls.Many organizations I have spoken to are making a lot of effort. Their posture, if you compare it over a period of time, has improved by implementing all these guidelines.
