While business leaders and consumers have growing concerns over new security threats empowered by AI, cybersecurity professionals are eager to get their hands on AI-enabled tools to defend against bad actors. This evolving dynamic around AI is requiring both business leaders and IT organizations to think critically about new considerations regarding security and risk.
The AI Imperative and Risk
With the promise of significant productivity and efficiency gains, the power of automated data-informed decision making, and the implication of AI transforming many (if not most) areas of business, enterprise investment in AI continues to grow. This includes spend on devices, infrastructure, solutions and services, and resource allocation in designing, implementing and managing proofs of concept and new use cases as businesses chart paths forward.
While the future of computing is intelligent, adaptive and secure, the pursuit of increasing numbers of AI applications is driving new considerations and heightened sensitivities around data privacy and cybersecurity. With rapid adoption of AI impacting growth and competitiveness, many IT leaders are evaluating solutions that will best mitigate vulnerabilities and manage risk.
AI, Meet Cybersecurity (and vice versa)
The adoption of AI introduces or heightens a range of risk considerations for security organizations, including but not limited to data privacy and security, ethical model development, and corporate governance. The stewardship of AI is critical to the reliable and responsible safeguarding of both data security and privacy. As AI-enabled functions proliferate, enterprises must adopt a comprehensive approach to security while business leads ensure their organization’s cybersecurity infrastructure is keeping pace. This includes addressing risk across all modes: on-device, on-premise, and on-cloud, and accounting for evolving regulatory environments.
With the understanding that people, not technology, are the most critical piece of any security system, organizations need to build better security cultures as the biggest element to improving security postures. Employees must be equipped with the training, support and protocols to maintain constant awareness of the nature of threats and defense against attacks.
As AI PCs are being introduced to the market, they offer increased productivity, predictive experiences and intelligent decision-making. These new smart devices present an exciting evolution in the Information Age, with enormous potential for assisting humans from everything like mundane tasks, say ordering plane tickets, to the mind-boggling complex, cancer research and pharmaceutical development.
However, on-device AI also presents new potential risks – for example, with so much data stored on a single device, attackers may find them an especially appealing target as an access point to sensitive data and even the AI models themselves. Baseline recommendations about AI PCs for IT and security organizations include:
- Implement device-level encryption and secure boot mechanisms to help prevent physical access to proprietary data or AI models,
- Use differential privacy techniques to protect individual data points and ensure user data isn’t reconstructed,
- Regularly update and patch on-device models to stay on top of increasingly sophisticated attacks.
AI as Ally
As AI adoption presents new challenges and potential risks, it is also playing a vital role in enhancing cybersecurity. AI PCs can enable greater security, for example, reducing exposure by running models and processing data on the device rather than transferring it to a data center or cloud. At the enterprise level, AI is helping advance security protocols through enhanced security via automated AI-enabled digital defenses. For example, AI is being used to create personalized profiles for behavioral analytics to help mitigate employee risk exposure. Its efficacy in reviewing security logs helps bolster advanced threat detections and can generate comprehensive security situation reports and automated responses to cyber threats. Additionally, GenAI-powered support delivery platforms can help manage critical tasks pre-emptively and keep environments secure.
Secure by Design
The AI imperative means now more than ever, it is critical that business leaders and IT teams know of, and practice where possible, the principle of “Secure by Design” meaning that technology solutions, and the systems they serve, are built in a way that reasonably protects against malicious actors gaining access to devices, data, and connected infrastructure. Last year, the Cybersecurity and Infrastructure Security Agency (CISA) announced the Secure by Design Pledge which has since been adopted by hundreds of businesses, including Lenovo. The pledge establishes a framework for enterprise software products and services developers to prioritize the security of customers as a pinnacle business requirement.
At Lenovo, we are fully committed to security both internally, and in the solutions and products we provide customers. A longtime proponent of Secure by Design, Lenovo builds with embedded security, make purchasing decisions with consideration to security outcomes, design protection throughout the solution lifecycle, including a transparent/secure supply chain that helps defend above and below OS – e.g. BIOS attacks).
Through the Lenovo ThinkShield portfolio of cybersecurity solutions, we selectively partner with best-in-class, like-minded security vendors such as SentinelOne which uses patented behavioral AI to deliver fortified real-time prevention, ActiveEDR, IoT security and cloud workload protection. As part of the collaboration, Lenovo will also build a new Managed Detection and Response (MDR) service using AI and EDR capabilities from SentinelOne’s Singularity Platform as its foundation.
Business leaders and cybersecurity teams must make strategic decisions regarding a proactive and comprehensive approach to AI and cybersecurity. The goal of the enterprise should be to build a clear security and resiliency advantage by using intelligent devices that help defend themselves in real time. Ultimately, AI-enabled tools that support security-minded cultures will achieve better defenses.
Credit: Source link
