Organizations must leverage artificial intelligence (AI) to tackle the cybersecurity talent shortage by offloading routine threat analysis tasks to chatbots and machine learning. This shift will free up analysts to focus on more complex and strategic challenges, said Steve Ledzian, Chief Technology Officer (CTO) of Google Cloud Security at Mandiant Asia Pacific in Japan.
Despite significant investments in internal security tools and controls, most organizations only become aware of cyberattacks through external entities such as law enforcement agencies or cybersecurity vendors, according to Business Standard, Ledzian noted.
“This highlights the need for better detection efficacy, efficiency, scalability, and improved telemetry retention for investigations. On the services side, there is continued demand for red teams, tabletop exercises, and compromise assessments,” he explained.
With AI becoming a crucial tool for both defenders and attackers, malicious cyber actors have shifted their focus to edge devices, such as virtual private network (VPN) gateways and file-sharing appliances, which typically lack endpoint detection and response capabilities, Ledzian warned.
“These devices are internet-connected yet also link to internal networks, making them ideal hiding spots for attackers. If defenders recognize this trend early, they can implement compensatory measures, such as enhanced network detection and response (NDR) telemetry,” he said.
Ledzian also predicted that AI will soon render obsolete the practice of monitoring the dark web for gathering intelligence on malicious indicators of compromise, such as domains and hashes.
Although the specifics of cyberattacks may vary depending on a region’s digital maturity, certain threats—such as ransomware, business email compromise, and supply chain attacks—continue to persist on a global scale, he concluded.
