Trend Micro Security VP talks IoT and AI – is secure possible in the world of tomorrow?
With the Internet of Things and Artificial Intelligence set to revolutionize the world we live in questions are now being raised on how effectively a network can be secured with future innovations.
June 27, 2016
With the Internet of Things and Artificial Intelligence set to revolutionize the world we live in questions are now being raised on how effectively a network can be secured with future innovations.
Speaking at Cloud & DevOps World, Trend Micro’s Global VP of Security Research Rik Ferguson highlighted the challenge is not so much to secure the perimeters, but an organization’s ecosystem first and foremost.
“The main challenge for security today is that the people who are creating these solutions and products are rushing to the market,” said Ferguson. “Most of the time security is considered a bolt on; once the product has been designed thoughts turn to security. For a device or product to be fully secure, we need to make sure security is embedded into the process from the outset, not only in the device, but in the ecosystem.”
Island hopping would not generally be considered a new means to penetrate a network, though the challenge is set to become larger with the normalization of IoT. The practice of island hopping claims every person and organization is vulnerable, though they may not be considered the end target. A cyber-criminal may not go to the target company first, but to an affiliate, preferably a smaller one which may not be as secure. Once inside the smaller company, which could be in-charge of payroll, HR, pensions, legal etc., moving laterally into the target company’s network becomes a simpler job.
This in itself is one of the main challenges for Ferguson. Securing the devices themselves could be an almost impossible task, statista estimates the number of connected devices will exceed 50 billion by 2020, but ensuring a company’s supply chain is secure is the most direct route to secure.
While this is a new way of thinking about security, the introduction of artificial intelligence poses another problem for security engineers. Most in the industry would accept the idea a company’s least secure aspect of its perimeter are the employees themselves. This is most evident when it comes to shadow IT and BYOD propositions, due to the difficulties in securing a company against human error. But what about the potential for disaster with AI?
Ferguson highlighted the further AI progresses, the more the offering becomes like a human, capable of intuition, reasoning and automated decision making. The more AI progresses, the more dangerous it becomes in terms of security. If human error is the biggest threat to a company’s security, it should stand to reason the more AI becomes like a human, the greater the potential for AI-error.
It should also be noted this is a potential challenge; it’s very much a theory. Ferguson highlighted it is logical, but it is still some way off. AI is in its early days; the progress which has to be made before AI is given the decision making responsibilities which would have this impact on the business.
About the Author
You May Also Like