AI lowers the barriers for attackers: AI has made the days when attackers had to “hack” systems and slowly and carefully scout out the environment a thing of the past. Now they can simply ask an AI assistant for sensitive information or access data to move laterally within the environment.The biggest challenges for cybersecurity posed by AI are:
Employees have access to too much dataSensitive data is often not marked or is marked incorrectlyInsiders can quickly find and exfiltrate data using natural languageAttackers can find secrets for privilege escalation and lateral movementIt’s impossible to manually set the right level of accessGenAI quickly generates new sensitive dataThese data security challenges are not new. However, the speed and ease with which AI can expose information to attackers makes them easier than ever to exploit.
Protective measures against the AI risk: The first step in eliminating the risks associated with AI is ensuring the homework has been done. Before using tools as powerful as Copilot, CISOs need to know where all their sensitive data is located. They also need to be able to analyze threats and risks, close security gaps, and efficiently fix misconfigurations.Only when CISOs have a firm grip on data security in their environment and the right processes are in place is the company ready to introduce AI assistants. Even after installation, security managers should continuously monitor the following three areas:
Access rights. It’s important to ensure that employee permissions are properly sized and that the AI tool’s access matches those permissions.Classification. As soon as CISOs know what sensitive data the company has, they can label it to effectively enforce DLP rules.Human activity. The use of AI assistants must be monitored and any suspicious behavior detected. Analyzing the prompts and the files that are accessed is crucial to prevent the misuse of artificial intelligence.Volker Sommer has worked in the software sector for more than 25 years the last eight of which have been in cybersecurity. Since early 2024, he has been responsible for the German-speaking region and eastern Europe as regional sales director at Varonis Systems. Previously, he worked for VMWare/Carbon Black, Sailpoint and Palo Alto Networks, among others.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/3827114/how-to-prevent-ai-based-data-incidents.html
