AI in Cybersecurity: Hype vs. Help
The advent of generative AI within consumer-grade tools fired-up the world’s imagination this year, as organizations weighed the risks versus rewards of its use. While these new and untried uses of artificial intelligence were being unceremoniously released to the masses, more tenured forms of AI quietly extended their reach and usefulness to the enterprise, rooted in tried-and-true applications that organizations have come to trust and rely on for their day-to-day operations.
One of the most widely adopted areas of enterprise-grade AI is in the area of cybersecurity, where predictive AI has reigned for almost a decade. In fact, the abundance and frequency of zero-day attacks have made it more crucial than ever for organizations to turn to predictive AI to heighten their defenses.
Which “Flavor” of AI Is Right for Me?
The growing variety of AI and its proposed uses has created an increasingly confusing landscape for IT and cybersecurity leaders. That’s why we turned to BlackBerry Vice President of Product and Technical Marketing Paul Zimski to help sort things out.
As Zimski explained to me during a video interview at the Black Hat 2023 conference, there are two main “camps” of AI applications, from a cybersecurity perspective: predictive and generative.
“There are the (predictive) models that defend you proactively, and do so automatically — and also the (generative) models that help you as a human being understand what you're looking at, come to conclusions, and decide on actions.” Zimski continues, “At BlackBerry, we definitely think that there's a need for both in cybersecurity.” This explains why the company holds more AI-related patents than competitors, and those patents are in both predictive and generative AI.
In fact, BlackBerry recently announced an innovation that acts as a generative AI-powered SOC Analyst to increase efficiency and reduce fatigue for CISO teams.
Watch my complete interview with Zimski during Black Hat 2023, below, or keep reading for some important excerpts.
Moving Beyond Generative AI Hype
Generative AI, based on LLMs (large language models), is about helping people traverse large sets of data and make rapid sense of it, Zimski says. The rapid introduction of ChatGPT and similar generative platforms led to a sudden “hype cycle” of adoption — even among some cybersecurity vendors — followed by unpleasant realizations that consumer-grade generative AI applications can come with privacy and data leakage concerns.
Rather than join the rush to cash in on the newfound allure of consumer-grade generative AI models BlackBerry opted for an approach that would yield trusted solutions that are resilient, and built on substance instead of hype. This path led the company to continue its research and development activities, focusing on innovative uses of enterprise-grade generative AI that do not present risks to user data privacy, or leakage of valuable intellectual property into the public domain.
“We have been careful about not just releasing something to claim it in a press release,” says Zimski. “Instead, we waited to implement generative AI in a secure manner, and a manner that drives the right outcomes for our customers.”
BlackBerry feels so strongly about this measured approach, it was among the first signatories to Canada's recently unveiled Voluntary Code of Conduct on the Responsible Development and Management of Advanced Generative AI Systems.
Seeking Substance Amid the Hype
Because so many marketing claims are made about the use of AI in cybersecurity, Zimski recommends judging AI products based on proven outcomes instead of claims. Questions to help determine the value of AI to any given product include, “Does it stop the attack early on? How many attacks will it miss? What type of resource demand will it put onto your system? And does the vendor have third-party verification of these things?” Zimski suggests looking for the type of verified comparisons he shared in his recent blog post, Microsoft Defender vs. CylanceENDPOINT.
Another important source of information when evaluating AI claims relative to cybersecurity solutions is the existing customer base. Gartner® Peer Insights™ is a great place to find customer reviews of AI-equipped Endpoint Protection Platform (EPP) products such as CylanceENDPOINT™, based on reviews posted by existing users. Zimski says these things can help you sort through what is hype, to find AI that helps secure your organization.