Navigating the Future of Cybersecurity and AI: Insights From Palo Alto Networks
The tides of technological advancement are constantly in flux, with Artificial Intelligence (AI) standing as a prime example. This powerful tool is transforming our world, not just in positive ways like improving healthcare and streamlining processes, but also in more sinister applications. As Steven Scheurmann, Regional Vice President for ASEAN at Palo Alto Networks, recently pointed out, cybercriminals are actively wielding AI for malicious purposes.
Steven, speaking at a media briefing held alongside Palo Alto Networks’ flagship Ignite Tour event at the One World Hotel, Petaling Jaya, shed light on a concerning trend: AI-powered infiltration of access points. Cybercriminals are leveraging this technology to steal voices and images, then manipulate them using AI to create alarmingly convincing forgeries.
This raises a critical question: Are we prepared for the new wave of cyber threats ushered in by the very technology designed to make our lives easier?
Why Cybercrime Education Matters
Steven highlighted the vulnerability of two groups: The elderly and those unfamiliar with technology. The elderly’s trusting nature and potential cognitive decline make them prime targets. Others may simply miss red flags due to a lack of knowledge.
To combat this, Steven emphasises education. Public awareness campaigns, including collaborations with partners and governments, are crucial. He also advocates for a “zero trust” mindset, where users approach all online interactions with caution. He adds that educating the public or certain demographics on the dangers and tactics used by scammers is a collective effort, which is why Palo Alto Networks has been proactively working together with partners and governments to spread awareness.
Interestingly, Steven criticises the media’s sensationalisation of cybercrime, which often shames victims. This discourages reporting, hindering investigation and prevention efforts. Fewer reports mean fewer insights into criminal tactics, making it harder for cybersecurity professionals and law enforcement to stay ahead of the curve.
The AI Double-Edged Sword
Meerah Rajavel, Palo Alto Networks’ CIO, called AI a “double-edged solution.” While 43% of organisations leverage AI for good (improved experiences, efficiency, innovation), a concerning trend is emerging. Up to 50% of employees unknowingly use AI tools like personal productivity apps or independent problem-solving methods.
This “shadow IT” poses security risks. Unaware employees might use open-source language models (like ChatGPT) and feed them sensitive data (customer info, business strategies) without understanding proper data security. This could lead to serious breaches.
Meanwhile, in the hands of cybercriminals, AI technologies are used to expedite the development time of ransomware. This enables them to launch attacks and infiltrations more frequently and on a larger scale.
This is why, Palo Alto Networks is taking a holistic look and approach that they apply for both their internal operations and customers:
- Securing AI by design
Meerah emphasised the critical importance of visibility in managing AI security. Ensuring comprehensive visibility means having a clear and detailed understanding of who is using AI tools, what type of AI tools they are using and how they are using it. This enables their team to devise suitable response plans in advance and ensure their system is protected during runtime.
- Using their AI cybersecurity tools to combat AI-powered threats
Meerah shared that by leveraging their AI-powered products, they can quickly monitor and determine the number of currently active AI applications, and the number of users currently using AI applications. This enables them to have greater visibility in their AI security posture.
Is Malaysia AI-Ready Enough?
Also present during the media briefing was Nazri bin Ahmad Zamani, a Digital Forensics Specialist at CyberSecurity Malaysia, who discussed Malaysia’s readiness for AI adoption.
Nazri warned that while Malaysia’s infrastructure is fully prepared for AI, its technological capabilities are only about 50% ready. He also highlighted concerns about data governance and sovereignty, particularly the storage of confidential data on foreign servers, which raises issues of data security and compliance with local regulations. The primary worry is the potential risks and challenges in controlling and protecting sensitive information stored abroad, where different data protection laws apply.
To address these challenges, Nazri suggested that the Malaysian government develop comprehensive AI education programs. These should span from schools to universities and professional training institutes, focusing on both theoretical knowledge and practical applications. This approach aims to close the current gap in AI readiness by cultivating a skilled workforce capable of driving innovation and economic growth.
Additionally, collaborations with industry experts and international partners could align Malaysia’s efforts with global AI trends and best practices, creating a supportive ecosystem for continuous learning and adaptation in AI technologies.