Interview: Chris Fisher, Vectra AI
After years of extensive disruption, will 2024 see the dust settle or can we expect the same rate of change?
No, the dust won’t settle, particularly when looking at cybersecurity vulnerabilities. In 2023 the biggest change was that attackers moved away from traditional endpoint style attacks to focus on network infrastructure. There have been huge — almost weekly — occurrences of security vendors experiencing significant vulnerabilities that have allowed attackers to access organisations.
As we move into 2024, this will continue. We recently saw a level ten vulnerability released by Cisco, and we don’t see this type of level of vulnerability very often anymore. It indicates that attackers see networks as a soft target, and they will continue to exploit this as organisations struggle to stop lateral movement. Once attackers get a foothold, they can do very significant damage and move in a way that they’re not being seen.
Despite industry-wide layoffs, specific tech skills are still high in demand after many years. How can this be effectively addressed in 2024?
Right now, we’re not getting many people coming through from university pathways. Not to mention that we often hear comments that security analysts are under a great amount of pressure and experience huge alert fatigue.
What’s promising as we look to 2024 is we should see more generative AI toolsets being adopted and this will continue to grow. Already it’s proving how the technology can be used to alleviate a lot of those pressures facing security teams. The best-case scenario is that we strike a balance of having human analysts supported by AI. I believe this will attract more people to the sector because they’re far better supported and there are more career opportunities.
Machine learning, AI and automation have grabbed the headlines — what separates the hype from reality in terms of useful application?
First and foremost, we must understand what we mean when we say AI. Generative AI is what’s making headlines but it’s only one small aspect of the technology. While GenAI can be utilised in a security context, it’s applied and adaptive AI that will drive true change.
To consider what security teams desperately need, it’s to sift signals of attack from a multitude of data, and then respond quickly and effectively. Applied and adaptive AI can help us to find the needle in the haystack, to then stop the breach and remediate impact of the attack.
When utilised correctly, AI can help SOC teams to battle the ‘spiral of more’, that is, more attack surfaces, more methods used by attackers and more complexity of hybrid attacks.
Privacy, data security and the exceptional customer experience, can they coexist?
I think privacy, data security and customer experience can coexist. The challenge is understanding where the data is and how it’s being used. We hear all the time that security ruins customer experience, but we simply must look at the critical flow of data and utilise the likes of cloud to enable better customer experiences.
Traditionally, security teams may put in network devices that sit in line so they can inspect and run checks that ultimately slow down the experience. When we use cloud, we can still gather information, while still building the policies and controls to ensure we’re protecting the privacy of the individual, and streamline user experience. As security teams catch up with how cloud technology works, customer experience will inevitably improve.
Phishing-resistant MFA: elevating security standards in the public sector
Phishing remains a significant issue for government agencies, and current MFA solutions often...
Building secure AI: a critical guardrail for Australian policymakers
While AI has the potential to significantly enhance Australia's national security, economic...
Building security-centric AI: why it is key to the government's AI ambitions
As government agencies test the waters of AI, public sector leaders must consider how they can...