The cybersecurity industry is experiencing a transformative phase driven by the rapid adoption of artificial intelligence and the escalating need for stronger data security.

As organizations navigate the complexities of integrating AI into operations, the focus is on ensuring that these powerful tools are secure from the ground up. The industry’s practitioners are emphasizing the necessity of protecting critical infrastructure and data to maintain operational resilience and counteract the evolving threats posed by cyber adversaries. This new wave of cybersecurity thinking is not just about keeping pace with technological advancements but also about anticipating and mitigating future risks, according to Zeus Kerravala (pictured), founder and principal analyst at ZK Research.

ZK Research’s Zeus Kerravala talks about data security with theCUBE.

“Our infrastructure has gotten so much more broad, the attack surface has gotten so much bigger that all these new areas that we’re adding on aren’t ready for consolidation yet,” Kerravala said. “I think we are simultaneously seeing people consolidate through the use of SSE but also in XDR, but then also expanding their security footprint for things like AI security and reputation protection … there’s a bunch of new security categories as well.”

Kerravala spoke with theCUBE Research’s John Furrier and Savannah Peterson at the Black Hat USA event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the cybersecurity industry’s focus on securely integrating AI, managing decentralized data and fostering collaboration to enhance resilience and counter future threats.

The future of AI in data security

One of the key topics discussed at Black Hat USA was the critical role of AI in modern cybersecurity strategies. Though AI offers significant advantages in terms of threat detection and response, it also introduces new vulnerabilities. The integration of AI must go hand in hand with stronger security measures to prevent these systems from becoming targets themselves, according to Kerravala.

“For most companies, they want to take all that tweaking and tuning time out of it,” he said. “You’re having to manage multiple platforms and multiple vendors and that creates a problem I think that security pros haven’t had before.”

The industry’s move toward consolidating data into centralized databases or data lakes has proven to be impractical for many organizations as they work with the challenge of managing and securing vast amounts of data. Instead, there is a growing recognition that keeping data decentralized but secure is a more feasible approach.

“The other side of that too is AI is all data driven,” Kerravala said. “If you don’t have access to your data then you can’t run your AI algorithms and more companies are trying … to consolidate their data into one big database or data lake somewhere. Then they realize that’s not really practical.”

Collaboration and standardization: keys to success

In an industry where threat actors often share information freely, the defense community must also enhance its cooperative efforts. By sharing knowledge and standardizing practices, the industry can more effectively combat cyber threats, according to Kerravala.

“I do think there should be better standardization,” he said. “We talked this a little bit about this at RSA [Conference], this whole concept of vendors reporting their own vulnerabilities. Some do it, some do it better than others. Why isn’t that all standardized? Why is it up to customers to report things instead of the vendors?”

Looking ahead, the data security landscape is poised for significant changes. The industry’s focus is shifting toward integrating security into every layer of technological deployment, particularly with AI. This proactive stance is essential to mitigate the risks associated with rapid technological advancements.

“There hasn’t been a lot of talk about security for AI,” Kerravala said. “I think that in some ways that’s been a bit of a missing piece because I think it’s hard to do and nobody’s really figured out how to do that yet … I think with AI, I don’t think you can afford that lag. I think that’s got to be part of that deployment.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of the Black Hat USA event:

Photo: SiliconANGLE