VMware vDefend


Virtual Patching: Guarding Against a Tsunami of AI-discovered Exploits with vDefend and Avi

By Michelle Plato posted 7 days ago

  

As the digital landscape enters the age of Artificial Intelligence, the traditional methods of securing applications are being fundamentally challenged. The emergence of advanced AI models has shifted the advantage towards attackers. With AI, even a novice attacker can now operate like a sophisticated hacker, working semi-autonomously at very low cost and unprecedented scale. Imagine the massive damage that ransomware gangs and/or nation-state actors could do with these cyber weapons. In recent times, ransomware attacks have taken business operations offline for weeks and months, resulting in financial losses in the hundreds of millions of dollars. To maintain a cyber-resilient posture, organizations must move beyond reactive security and embrace a proactive defense-in-depth strategy centered on lateral security and virtual patching.

AI-discovered Tsunami of Exploits

Frontier AI models have the intelligence to identify unknown (zero-day) software vulnerabilities (bugs) and find ways to exploit them faster than ever before. Attackers can leverage these exploits to infiltrate digital enterprises and propagate laterally, hopping and hunting, to find high-value assets for ransom or for stealing secrets. They can initiate widespread, volumetric and/or targeted attacks semi-autonomously, leading to an exponential increase in the attack surface. “Security through obscurity” is no longer a viable cyber security strategy.

If enterprises can quickly patch software vulnerabilities, they can certainly reduce the risk of a breach and/or its spread. However, this is an extremely time-consuming and resource-intensive endeavor. There are thousands of software tools and apps, each with varied software versions, deployed on different types of hardware and operating systems and spread across multiple data centers. In larger organizations, the “race to patch” can take weeks to months to roll out patches enterprise-wide, leaving the organization exposed to infiltration, ransom and potentially business disruption.

To quickly protect workloads and apps against this tsunami of exploits and to buy down risk, enterprises need to focus on two key defenses for their private cloud workloads:

  • Enable virtual patching using intrusion prevention systems and a web application firewall
  • Restrict propagation of attacks with lateral segmentation

Read the full blog here.
