Ai in Cybersecurity Define Your Direction

Uploaded by

minhql.hut
AI in Cybersecurity: Define Your Direction

Minimize disruption, manage risk and harness the value of AI.
Move past hype and maximize AI’s value in cybersecurity

Hype around AI and generative AI (GenAI) in cybersecurity has disrupted business as usual. It’s also adding new levels of risk and distraction to an already challenging security landscape. And despite the upheaval, AI hasn’t yet fulfilled its promises.

Still, yesterday’s disruption is tomorrow’s opportunity. Beyond the hype lies real promise for harnessing AI’s value.

AI can and will transform how organizations operate — including security. In the meantime, as the challenges of AI become more apparent and AI applications continue to mature, turn your focus toward:
• Rightsizing AI’s impact
• Prioritizing key areas of risk
• Maximizing AI’s value
• Anticipating future changes

[Figure: Balancing cybersecurity reality with GenAI hopes. Source: Gartner]

Gartner for Cybersecurity Leaders Follow Us on LinkedIn Become a Client AI in Cybersecurity: Define Your Direction 2
Minimize disruption Manage risk Harness AI

Rightsize AI’s impact

Our analysis reveals nearly 90% of enterprises are still researching or piloting GenAI, and most of those have yet to put AI TRiSM (trust, risk and security management) technical controls or policies in place — creating a wave of change for security. Leaders are feeling the effects in multiple ways:

Direct and urgent
• Unmanaged, uncontrolled use of confidential data in third-party applications
• Copyright infringement and associated brand damage

Direct and hyped as urgent
• Early, exaggerated announcements designed to spark interest in GenAI

Indirect and scary
• Concerns about possible privacy risks and threat actors
• New attack surfaces emerging from disrupted business practices

Indirect and latent
• Ongoing GenAI adoption that requires ongoing security adaptation
• Upcoming regulations and compliance requirements requiring security team preparation
• Uncertainty on future skill gaps and talent challenges


Define your direction

Pivoting to GenAI will require new or modified governance principles, along with a well-defined cyber roadmap that integrates strong AI-focused considerations.

Your organization’s scope of AI governance will depend on its maturity — but every organization can and should focus on the following three concurrent roadmaps:

1. Adapt application security strategy to AI
Ensure you continue to implement secure development practices, while securing new attack surfaces at runtime and across the development cycle. Implement privacy-enhancing technologies and evaluate new GenAI techniques in application security.

2. Integrate new AI technologies into cybersecurity
Factor the impact of today and tomorrow’s AI into your three-year roadmap.

3. Build AI considerations into risk management programs
Skill requirements will evolve. So will metrics, risk registers and exposure to threats.

Cybersecurity leaders’ top 3 risk-related concerns about GenAI usage:
• Third-party access to sensitive data
• GenAI application and data breaches
• Erroneous decision making
Source: Gartner


Implement AI trust, risk and security management (AI TRiSM) solutions

GenAI’s risks intensify with the use of externally hosted large language models (LLMs) and other GenAI models that prevent enterprises from directly controlling their application processes, data handling and storage.

The risks also exist in on-premises models hosted and controlled by the enterprise, especially when security and risk controls are lacking.

Manage risk with AI trust, risk and security management (AI TRiSM) — a framework of controls and trust enablers that provide ongoing:

1. Content anomaly detection
2. Data governance and protection
3. Reduction of application security risks

[Figure: AI trust, risk and security management technology. AI TRiSM technology components: content anomaly detection, data protection and application security (AI system users need to acquire this tech to fill gaps in builder/owner solutions); model management and ModelOps, explainability and transparency, and adversarial resistance (responsibilities exclusive to builder/owner). AI systems: models, applications, agents. Organizational governance: privacy, fairness, bias control; measurement, workflows, policies. Source: Gartner]


Prioritize securing GenAI applications

Ensure baseline security controls are in place for Web, SaaS, cloud infrastructure as a service (IaaS) and platform as a service (PaaS). Then take measures to secure GenAI applications.

Web and SaaS application consumption
• GenAI acceptable use policy (AUP)
• Checklist of security requirements to validate, approve and onboard SaaS applications
• Data security standard for how sensitive data needs to be protected in the public cloud
• Security service edge (SSE) product to secure web and SaaS usage

Cloud-hosted enterprise applications
• Security standard for how public cloud usage should be secured
• Cloud and web application security technologies
• Capabilities to secure custom-built applications
• Bot detection controls to ensure only humans use GenAI applications
• Capabilities to protect internal- or external-facing API endpoints


Focus on 3 key areas of risk

GenAI promises multiple benefits, including greater efficiency and productivity. It also introduces three new categories of risk.

Content anomaly detection
• Unacceptable or malicious use
• Hallucinations
• Inaccurate, illegal, copyright-infringing and other damaging outputs

Data protection
• Data leakage
• Compromised content and user data
• Privacy and data protection policy governance
• Privacy impact assessments
• Regional regulatory compliance

Application security
• Adversarial prompting attacks
• Vector database attacks
• Hacker access


Define your direction

AI TRiSM is a group effort; AI, security, compliance and operations should work together to implement new AI TRiSM measures. Get started with these actions:
• Set up an organizational task force or dedicated unit to manage your AI TRiSM efforts.
• Work across your organization to manage best-of-breed toolsets as part of a comprehensive AI TRiSM program.
• Define acceptable use policies. Establish systems to methodically record and approve user applications and document uses.
• Monitor usage continuously against stated objectives, and adjust usage parameters on an ongoing basis.

By 2026, enterprises that apply TRiSM controls to AI applications will consume at least 50% less inaccurate or illegitimate information that leads to faulty decision making.
Source: Gartner


How CIOs can maximize GenAI’s potential

GenAI promises to transform a wide range of security and business processes. Here’s what CIOs should prioritize to maximize value:
• Inventory, monitor and manage AI consumption of third-party GenAI applications and features.
• Update provider and technology selection requirements to address privacy, copyright, traceability and explainability challenges.
• Update AI application and data security practices to integrate new attack surfaces.
• Run proofs of concept before integrating GenAI into cybersecurity programs, aiming to augment the work of humans, rather than replace them.
• Monitor changes in the threat landscape such as declines in detection accuracy and performance of existing security controls. Ensure you have access to the right intelligence on the changing threat landscape; scenario planning for future GenAI attacks is tricky and might not be the most profitable use of resources.

Through 2025, GenAI will cause a spike of cybersecurity resources required to secure it, causing more than a 15% incremental spend on application and data security.
Source: Gartner


How CISOs can maximize GenAI’s potential

Here’s what CISOs should prioritize to maximize value:
• Evaluate these technologies like any other tools to assess whether they create new risks with sensitive data.
• Define what “good” looks like to gauge how AI can improve existing security metrics without creating new ones.
• Run experiments with new features from existing security providers, starting with targeted and narrow use cases in the security operation and application security areas.
• Apply the AI TRiSM framework when developing new first-party, or consuming new third-party, applications leveraging large language models (LLMs) and GenAI.
• Prepare and train your teams for dealing with direct (privacy, IP, AI application security) and indirect (other teams using GenAI, such as HR, finance or procurement) effects stemming from GenAI uses across the enterprise.

By 2028, the adoption of generative augments will collapse the skills gap, removing the need for specialized education from 50% of entry-level cybersecurity positions.
Source: Gartner


Define your direction

Your next steps:
• Evaluate AI technologies and decide what “good” looks like for your organization.
• Maintain and refine good detection and response capabilities against uncertain and ambiguous threats.
• Invest in exposure management and threat intelligence to identify the most relevant threats.

One-third (34%) of organizations plan to deploy GenAI in the next 12 months.
Source: Gartner

Critical leadership roles to successfully set a strategy and implementation plan for AI

CIO/Head of Technology
CIOs are looked to by their CEO, peers and the board to develop a formal AI strategy (and/or name an AI lead) and successfully:
• Set an AI ambition for the whole enterprise and identify use cases and quantify benefits and risks
• Align business and technology teams and change organizational competencies to support AI
• Name an AI lead to orchestrate ideas and promote innovation

CISO/Security Leader + Team
Cybersecurity leaders must ensure that cybersecurity and data privacy are an integral part of AI strategy and successfully:
• Provide overall program oversight on security and risk
• Anticipate and take actions against unforeseen consequences such as data breaches or copyright violations
• Continuously update skills and readiness against new threats

CDAO/Data & Analytics Leader + Team
D&A leaders are expected to lead their organizations in setting the data for AI strategy and must successfully:
• Identify AI use cases for augmented analytics and data management
• Leverage existing D&A practices and establish D&A governance policies for AI
• Develop new sources of value from data leveraging AI
• Be AI-data ready

Enterprise Architecture Leader + Team
EA leaders are expected to drive tangible business value from AI and must successfully:
• Own the full AI infrastructure roadmap
• Govern AI technology architecture investment decisions
• Lead decision making about adopting AI solutions to drive business outcomes

Software Engineering Leader + Team
Software engineering leaders must understand the implications of AI technology in depth and successfully:
• Clarify the desired business outcomes for AI integration
• Establish AI engineering best practices across the organization
• Transform products, services and experiences and build an AI-first approach into roadmaps

Our research revealed several insights on how to enable each
role to take effective action toward valuable AI outcomes.

The three steps:
1. Establish an AI ambition that aligns to business goals
2. Select use cases and deploy tests
3. Incorporate AI into technology and business operations

CIO/Head of Technology
1. Judiciously choose where to focus AI efforts following Gartner best practices to select the highest-impact business metrics
2. Align the business on pilots based on potential business value and feasibility, looking for disruption potential while enabling strategic objectives
3. Lead AI adoption for the enterprise by making it an innovation practice with dedicated leadership, allocated resources and funding, guardrails, and governance

CISO/Security Leader + Team
1. Stay ahead of sophisticated attackers using AI behavior models to improve threat detection capabilities
2. Identify the best use cases for AI based on feasibility and risk reduction using Gartner’s AI Prism for Cybersecurity
3. More effectively manage AI risk with teams working on AI projects evaluating cybersecurity considerations at each stage of development

CDAO/Data & Analytics Leader + Team
1. Drive alignment by quantifying expected value of AI to a specific KPI and establishing leading and lagging metrics to monitor
2. More effectively prioritize use cases by selecting business value dimensions, refining use cases, and driving engagement and decisions
3. Efficiently drive AI delivery by augmenting cross-functional teams with data experts, using the most appropriate techniques and keeping technical debt low

Enterprise Architecture Leader + Team
1. Create an effective AI ecosystem by identifying areas for deeper investigation and developing AI plans and strategies
2. More strategically plan AI initiatives using Gartner’s four-step capability modeling approach for an optimal AI infrastructure
3. Deliver target business outcomes and avoid failures by following Gartner’s five-phase approach to AI execution

Software Engineering Leader + Team
1. Deliver world-class application development operations by adopting AI-augmented software engineering practices
2. Maximize the value of AI by identifying areas of software testing where AI will be most applicable and impactful, such as in visual testing
3. Generate breakthrough ideas by combining human experts with generative AI to improve exploration and understanding of the solution space

© 2024 Gartner, Inc. and/or its affiliates. All rights reserved. CM_GTS_3105197