Sam Rehman, SVP and Chief Information Security Officer at EPAM Systems, Inc., discusses AI, cybersecurity challenges, applications and APIs, VPN, building software, and other aspects. Read on to know more about the biggest threats in the cybersecurity space and the applicable mantras to mitigate risks.
Media 7: There is a lot of excitement around how machine learning can change the cybersecurity landscape. What are your thoughts on it?
Sam Rehman: First and foremost, we need to understand machine learning and big data in general, and how attackers are using artificial intelligence (AI) —whether we like it or not— with their scanners and different approaches of targeting people and systems. They use AI in a number of ways, including to reduce failure and accelerate and increase their yield. And there’s a lot of innovation around this. There's a big marketplace that's actually building out a lot of these tool sets for them. So that's one aspect of it. On the defensive side—on the “good guys” side—AI is critical in a number of areas. We’re facing an attack surface now that is on a whole different scale. We’re looking at people accessing numerous devices and using different kinds of access points. You look at the people, connecting to different applications. There are tons and tons of APIs, but there’s really no effective firewall anymore. The new perimeter is much more fluid. And for that aspect of it, it's not possible for us to just use our own sets of policy without getting out from under big data—from analytics and AI. So how do we use AI? Well, in the same method that the attackers are, to speed things up.
Everything about security always comes back to speed, surprise and aggression; even from the attacker’s perspective. AI can begin to defend from all aspects. For example, if there's an attacker getting in, AI could help us potentially narrow it down to figure out much faster, where the anomalies are. Second, it could actually help us on some predictive work as well, which is to see where the focus areas are. It can scan through the data and understand where our real exposures are, so that we can actually focus our technical controls in those areas as opposed to putting in a backdoor that turns out, none of the attackers would ever use. We eliminate, and lesson wasted resources, which is why, from my perspective, AI is a must. The question is, how do you use it? I think there are lots of areas that could be useful, but the most important aspect of it is to amplify your response team, or your tactical teams. Help them reduce their manual labor, automate and predict as much as possible, while reducing the feeling of false.
To read the rest of Sam’s interview, click here: https://engineering.report/thought-leader-on-deck/q-a-with-epam-systems-inc-sam-rehman
Learn more about EPAM’s Cybersecurity by Design here: https://www.epam.com/services/consult-and-design/enterprise-technology-and-operations-transformation/cybersecurity