Alistair Wildman, Palo Alto Networks. Image: Roger Kenny/RK Media
Palo Alto Networks CEO for the UK and Ireland, Alistair Wildman, discusses cybersecurity in the face of AI and the rise of platformisation.
Last month, cybersecurity company Palo Alto Networks brought its annual Ignite on Tour event to Dublin. Held at the Anantara The Marker hotel, a series of keynote speeches and fireside chats dove into some topical subjects and trends that are affecting the modern threat landscape.
In one of the first discussions of the day, Palo Alto Networks’ CEO of UK, Ireland, Nordics and Benelux Alistair Wildman discussed the effects of artificial intelligence (AI) on the threat landscape as well as Palo Alto Networks’ ‘Precision AI’ cybersecurity solution, which combines machine learning, deep learning and generative AI into a consolidated cyber defence product.
During the talk, which Wildman conducted alongside Palo Alto’s country manager for Ireland Adrian Purcell, the seriousness of AI-driven cyberthreats was emphasised. From increasing the level of sophistication to lowering the time it takes to compromise data, the enhanced capabilities of AI use by bad actors are numerous.
Sitting down with SiliconRepublic.com after the talk, Wildman went into more detail on how cybercriminals are using the innovative tech to drive their nefarious pursuits.
He talks about how Palo Alto’s intelligence teams have seen an ongoing trend on the dark web where cyberthreat services – such as ransomware-as-a-service and phishing-as-a-service – are being supported by AI technology.
“[Bad actors] are using, typically, AI-driven tooling to help to speed up the build of that ransomware, or speed up the maliciousness of those attacks,” he says.
Then there’s the issue of deepfakes, which he says are becoming increasingly more sophisticated.
He talks about how with some new AI technologies, only a few seconds of audio are needed to mimic a person’s voice. With some of this advanced tech, an entire Zoom call could be conducted with fake voices and superimposed faces, with a target left none the wiser.
“There’s some really sophisticated software out there to do that that you just can’t tell … and it’s getting more and more sophisticated.”
This advanced technology, as Wildman points out, is not only utilised by nation-state actors but can be used by anyone, “even a bored 15-year-old in his bedroom in Manchester”.
Stay up to date
A big part of staying resilient to modern cyberattacks, especially those orchestrated with the assistance of AI, is to have up-to-date software and security infrastructure, says Wildman.
“The majority of vulnerabilities are when servers or even firewall software is just not kept at the latest version,” he says, “and when it’s not at the latest version, it’s kind of out of sync, and there could be a vulnerability.
“There are vulnerabilities in software anyway that are published by the software providers that you have to patch at that point. And you’d be surprised how many companies don’t get around to doing it, or haven’t patched properly.”
He says that smaller companies especially fall victim to this, as they might not have a big IT team.
“Anything that’s got software, software needs to be at the latest version, because that latest version, it’s all about security. The reason you have the new version is to make it more secure, because someone has found something out.”
As well as keeping up to date, Wildman believes that in the age of AI-driven attacks, companies need to fight fire with fire and utilise AI appropriately in their defence strategies. But to do that, companies need to ensure their systems are up to date.
He says that if a company – big or small – is using technology that is more than two years old, especially tech that predates the AI boom, it could put them at a disadvantage.
“If you’re running older technology, it’s most likely that you don’t have AI embedded. So already you’re at a disadvantage because the bad guys have got AI so they can move quicker.
“Most of the people that were affected by incidents are running older technologies that they haven’t got around to upgrading. It could be from the biggest banks to the biggest insurance companies, it doesn’t have to be a small company,” says Wildman. “It could be really big companies as well, because they’re just getting around to upgrading technology.”
He cites healthcare organisations and universities as frequent victims of breaches in the past few years as traditionally, their security systems don’t have as much sophistication as other sectors – although he says that they are getting better.
He points out that in the UK especially, universities have been heavily targeted over the last few years. In fact, a UK government report from last year stated that 97pc of higher education institutions identified a breach or attack in the previous year.
A more careful approach
With a rise in cybersecurity concerns and a push for defences against AI-driven attacks, Wildman predicts that cybersecurity leaders are going to be more careful and selective when it comes to their cybersecurity strategies – especially when it comes to choosing third-party services.
He says there’s currently (and will continue to be) a big push for platformisation, which is where a company consolidates as much technology and security functions from a single vendor, as opposed to multiple, as they can for easier management and stronger security.
“It’s easier to manage, because all the pieces of the jigsaw puzzle all come back to one partner,” says Wildman. “In the past, people who were making decisions on security technologies were just going for whatever they fancied or whatever they like to use, and now it’s like, ‘OK, now we need to get a little bit more of a structure and a strategy’.”
Platformisation, Wildman predicts, is going to grow ever popular in the year ahead. While some may expect cybersecurity budgets to grow in the face of increased threats, Wildman doesn’t necessarily agree. He says that CIOs and CISOs are going to get much smarter about how they spend their budgets, and he says that platformisation will play a big role in this strategy.
He says that the ‘best of breed’ strategy that was popular in the past, where security teams sought the best of every product, will be replaced by a ‘fit for purpose’ methodology where every function is selected for optimal use within a sole platform.
As well as platformisation, Wildman thinks that endpoint detection and response (EDR) vendors might really struggle in the near future as companies switch their focus to extended detection and response (XDR) services.
While EDR provides real-time monitoring for endpoint devices, XDR offers detection and response functions across several security layers, including endpoints, servers, cloud and emails. “It covers more ground,” explains Wildman.
Another trend that he expects to see is a drop in generic software purchases, which he refers to as technology bundles that have a generic security function added in.
“People realise that that’s probably not the best way to secure so if you’re getting something for free because it’s part of a package, it most likely isn’t that great,” he says. “I think that we’re seeing more sophisticated actors looking at exploiting those kind of more generic software security technologies.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
