Welcome to the KuppingerCole Analyst Chat. I'm your host. My name is Matthias Reinwarth, I'm the director of the Practice Identity and Access Management here at KuppingerCole Analysts. My guest today is Nitish Deshpande. He is a Research Analyst with KuppingerCole, and he's looking into emerging technologies and cybersecurity and that's the reason why he's here. Hi, Nitish, good to have you.
Hi Matthias, thank you for having me as well.
I always look forward to these podcast sessions with you.
Really love to have you as a guest. And we want to continue a discussion that we had before. When it comes to modern technologies influencing the state of cybersecurity, we had that with AI, we had that with machine learning, with new threats, with revamped threats. You are working in the area of the autonomous world of automation in connection with cybersecurity. So if you can give the audience a bit of an intro into automation in combination with cybersecurity, what are the key aspects one should know?
All right. Yes, so if we rewind back to last one year, there has been an exponential growth in the use of AI and machine learning. And I think it seems surreal that AI has now reached the end user and anyone can use it right now, which seemed like a distant possibility one or two years back. And what this has also contributed to is the rise in cybersecurity threats. Also there's one more thing which is contributing is the increasing digital transformation. The more devices directly are connected to the Internet, the bigger is this attack surface for, the malicious actors. And so when you combine this with automation as well, an increase in the risk that is towards these devices from outside. And so I think that is something which needs to be addressed as soon as possible, if you consider the speed at which AI and machine learning is growing.
Right. And when we're talking about machine learning, when we're talking about automation, we had that in earlier discussions with other analysts as well. So you need to have the proper information base to react properly towards these cyber threats. So you need to have on the one hand, machine learning models on the other hand machine learning training data to apply to really get to an appropriate level of automation. When it comes to training data, what is important to know, are there challenges, what can I use for really being better in cybersecurity and automating that?
Right. Yes. So one of the biggest challenges when it comes to training machine learning models is the availability of the sensitive information. And the security vendors, the vendors who create these cybersecurity solutions against AI / machine learning, they need data to train the machine learning models and for that they need as much data as possible. But as companies have some sensitive information in this data, they cannot give this data out. So it's goes both ways. So if you want this to work perfectly, you will need a collaboration between the companies and the security vendors. So that is one of the biggest challenges that we are facing right now, as well. And when you're talking about sensitive data that includes data like intellectual property, the DII, or for data that is regulated for compliance reasons. So this is this is a very sensitive information which cannot just be given out for the sake of training machine learning models. So that's, that's where we are right now, is this tussle between security vendors and the companies. So hopefully there is a solution found for this one that will help machine learning models to get much better than what they are right now.
Right. So on the one hand there would be some kind of generalized data that comes from many sources that needs to be anonymized and pseudonymized and still needs to be usable. On the other hand, it should be training data from the individual organization and ideally they want to prevent cybersecurity incidents. They should not have enough data to do that training. So really agree that it's really an issue to get to proper training data, but that is a problem to be solved, as you said. So that's the training data aspect. Now, when you talk about the machine learning models, how do you make sure that they work properly, even given appropriate data as training material?
I think one of the things that also is a challenge is making sure these AI based cybersecurity products, they do not misbehave in real world conditions. Or they are not bypassed by deceiving them with some other information. So it's tricky for the vendors right now, what they are struggling with, is how can they train these models in the current situation and also train them that they are not deceived by certain malicious actors. We will talk afterwards about the lack of contextual gap as well that these automation and AI tools are lacking. That is one of the aspects which is causing this effect.
Right. So we are talking now technology, but we are analysts. So we should also take a step back. It's easy to say, yeah, there's a huge threat coming out of the Internet and there's automation on the attacker side and they use machine learning. So now that switch on automated protection via cybersecurity tools that do the same on the protective side, I think not many organizations are already there to use that to add that to their cybersecurity portfolio, but this is my personal notion. What should organizations do to actually leverage these products and to stay ahead of what's going on right now when it comes to current cybersecurity threats? What are your thoughts and recommendations?
I think we have to start with first identifying these threats. And there are new tricks coming up every day, so there needs to be a solution to continuously update these models so that they can be prepared to attack and defend as well against these threats. So that's one of the recommendations that we can provide to organizations, is to train their personnel and keep the tools up to date constantly. Another is that, I think it's more about having a collaborative environment between the humans and the machines. I mean, there's this talk around that AI is going to replace humans. No, I think AI’s main purpose is that it should enhance the humans and provide assistance in daily easy task so that humans can focus on a more high privilege task and high priority tasks. So if organizations can create this collaborative environment, that will be great. And using this collaboration, they can use and implement tools for detecting threats and mitigating threats. Having a framework which allows humans to see what are the threats and make decisions based on them. So that's, I think one of the recommendations which we can suggest.
Right. So you stressed the importance of the human as part of the overall cybersecurity, cyber protection fabric. So you cannot remove the human being from this equation because there needs to be the contextualization. And I think that is also an important aspect that you're that you're looking at when it comes to cybersecurity. It's really about contextual understanding about what does that even mean for that organization? How can that be interpreted and what does that mean for automating response, right?
Right, yes. I think that is one more challenge which automation and tools like machine learning are facing is this lack of contextual understanding. For example, if you have a user who is now going to access its devices and systems from a different location there needs to be policies and procedures in place which address that this contextual understanding should be provided. And that can only be achieved by having robust policies and procedures that will fill this gap and make sure that even if some different situations are the case then there should not be disruption to the business activities. So that's one way to look at this and I think if that can be achieved then we can move forward. And also we need to have the personnel who are using the cybersecurity tools to be trained with the newest possible technologies. And that's one way to avoid cybersecurity threats.
Right. And again, if we take a step back, being analysts, not only looking at products that are right now and doing briefings with vendors, what are your expectations in this changing world that we have? And it's always this truism to say in this changing world, but it's true. We are in a world of transformation. Much, much more processes are getting digitalized, they are automated, they are running without human intervention. What do you expect for a future cybersecurity scenario in, say, one year, two years? What are your expectations for the threat landscape and for the way how we will defend against that?
Right, yes. As you mentioned, it's growing at a great speed. And from an analyst point of view, we can say that one recommendation is to not rushing to it. Yes, automation is here and it will stay and evolve. But companies should not rush into it without doing due diligence on what is possible and what are the threats around it. And yes, the digital transformation, it will continue to evolve, continue to grow around the world. And this event is similar to many other events in the past we had the dot-com boom, we had the growth in social media. Now if you take another example, the growth of the ev market, these things are changing the landscape. Similarly, AI and machine learning will change in the cybersecurity landscape as well. So companies need to be equipped to be able to tackle this solution. And once they are ready to face the cybersecurity threats, they will be truly able to exploit the full potential of automation and efficient and reliable processes.
Right. So that was the bigger picture. That's important to keep it in mind. But if you had, as a final thought, two top recommendations where organizations should start right now, ideally yesterday, what were your recommendations when it comes to actual, tangible, actionable advice for organizations, what to do to prevent right now against the new type of threats that they're are around?
Right? So the first one would be to get knowledge on this topic. This is such a constantly evolving topic. I mean, we were in a discussion yesterday with other analysts and they were trying to identify if there will be AI in ten years, but there was a very good argument that we don't know that it'll be even tomorrow. So you need to be on top of this topic and see how things are evolving and be prepared to tackle in any situation. And that can be done by having a dedicated team for that to keep track of the situation and train this team as much as possible. And use this team to train our models and machine learning models to figure out the, you know, the solution that can be used in the long run as well.
Right. Thank you very much. That's really fascinating. And I add two more top recommendations from my side. First, you have written a blog post about that topic, so there's more to read about that. So if somebody who's interested heads over to kuppingercole.com, just goes to the event blog. There's the Securing the Autonomous World by Reinforcing Cybersecurity blog post from you, Nitish. And that's a really interesting read. And that continues our conversation in more detail. That's the first recommendation, of course, to do. And the second is in November, we will have the cyberevolution event in Frankfurt, which will exactly focus on that intersection of cybersecurity and emerging technologies, of course, including and mainly focusing on machine learning and artificial intelligence. You will be there. I guess I will be there. So that will be a place where we can continue that discussion also in person and more importantly, where peers can meet, where you, as the audience can meet with other users of these technologies, with other organizations that are threatened by these new cybersecurity threats. And that will be a great discussion to be led later then. So that is the right time right now to have a look at our website for cyberevolution and hopefully to meet then in person in Frankfurt later in November. Thanks, Nitish, for being my guest today. That was an interesting insight into cybersecurity plus automation plus machine learning, training, data and models. And I'm looking forward to continuing that discussion. Thanks, Nitish.
Thanks Matthias, it was great to be on this podcast with you.
Thank you.
