SAN FRANCISCO — Machines dominated the discussion during Tuesday’s opening RSA Conference keynotes. And after a very public lashing last year, so did women. Or at least they represented half of the speakers.
RSA President Rohit Ghai and Niloofar Razi Howe, a cybersecurity strategist and entrepreneur, preached “pair programming” between humans and machines to avoid a catastrophic future for mankind. This is the idea that when two programmers work collaboratively on code, they have better outcomes. Howe extended this to humans and machines, which she called “trustworthy twins.”
But while these trustworthy twins work side by side in the security operations centers, on the bad guys’ side “the adversary is also a human paired with a machine,” Ghai said. “It is a battle of twins versus twins. One side working to erode trust, the other fighting relentlessly to pursue it.”
So the security landscape today is essentially AI versus AI. The white hats are using artificial intelligence (AI) and machine learning to protect data, networks, and people, while the black hats are using these same tools to find software vulnerabilities, steal credentials, and the like. May the best man, err, machine win.
AI will help the industry solve the security professional talent shortage, Steve Grobman, CTO and senior vice president at McAfee said. “And artificial intelligence allows us to evaluate data at scale to find that needle in a haystack of needles that has challenged us for decades. But we must look at artificial intelligence objectively. We must understand how AI will be used against us.”
AI-based technology also makes it easier for adversaries to create fake content for social exploitation and information warfare (think: Russian interference in the 2016 election).
“Machine learning and other forms of artificial intelligence make even cybercriminals better, faster, and smarter,” said Dr. Celeste Fralick, chief data scientist at McAfee.
Much of this is preaching to the choir. The RSA Conference is the “world’s largest security event,” according to Ghai, and the security professionals in attendance undoubtedly have first-hand experience using AI for security operations — and seeing it used to perpetuate attacks.
Cisco, however, took a slightly different approach to the rise of the machines.
“Some say that by 2020, there will be 250 billion IoT devices connected to the internet — that’s more than 30 devices per person on this planet,” said Matt Watchinski, vice president of Cisco’s Talos Global Threat Intelligence Group.
These connected devices — machines — will change how we interact with the world. “The first thing I’m going to need is clearly more pockets,” he joked, before adding that it’s also going to blur the line between IT and OT. “These technologies we are inventing in IoT are bleeding into our IT world, and eventually these technologies will bleed into our OT world, affecting critical infrastructure, how we deliver water and power.”
He pointed to the VPNFilter attacks, perpetrated by Russian hackers and targeting IoT and networking devices that Talos originally disclosed last summer. “It was actively seeking out industrial control traffic for OT networks and it was hoping to pivot to those networks,” Watchinski said. “We don’t know all of its effects and all the future harm it could potentially cause … but it does show us the future where IoT, IT, and OT are connected, and that future is something we will need to deal with.”
But the story didn’t end there. This wasn’t a doomsday, IoT-devices-will-kill-humanity look at the future. Or at least it doesn’t have to be if we follow a suggestion from Liz Centoni, SVP and general manager of Cisco IoT.
Security is the No. 1 barrier to scale IoT projects, and it’s also the reason why IT and OT teams must work together. But this involves more than just extending visibility and security policy across both IT and OT environments.
“Learn to make friends with the OT team,” Centoni said. “Learn how to ask the right questions in this environment so you know what is important to them.”
We’re moving toward a world where IoT, IT, OT, and InfoSec “all work together as defenders of this galaxy,” she added. “Be the bridge between IT and OT.”
In other words, it takes more than machines and humans working together to secure our galaxy. It also requires humans to work with other humans. What a quaint idea.