 attack surface management


Defensive vs. offensive AI: Why security teams are losing the AI war

#artificialintelligence

Weaponizing artificial intelligence (AI) to attack understaffed enterprises that lack AI and machine learning (ML) expertise is giving bad actors the edge in the ongoing AI cyberwar. Innovating at faster speeds than the most efficient enterprise, capable of recruiting talent to create new malware and test attack techniques, and using AI to alter attack strategies in real time, threat actors have a significant advantage over most enterprises. "AI is already being used by criminals to overcome some of the world's cybersecurity measures," warns Johan Gerber, executive vice president of security and cyber innovation at MasterCard. "But AI has to be part of our future, of how we attack and address cybersecurity."


Harnessing AI to Proactively Thwart Threats

#artificialintelligence

Security teams can't protect what they don't know about. But it is not enough to just understand what they have within their organizations' environment. Defenders also need to put themselves in an adversary's shoes to understand which systems are likely to be targeted and how the attack would be carried out. Technologies such as attack surface management and attack path modeling make it possible for security teams to gain visibility into which assets adversaries can see and how they might gain access. With attack surface management, organizations are continuously discovering, classifying, and monitoring the IT infrastructure.


Cybersecurity can protect data. How about elevators?

MIT Technology Review

Advanced cybersecurity capabilities are essential to safeguard software, systems, and data in a new era of cloud, the internet of things, and other smart technologies. In the real estate industry, for example, companies are concerned about the potential for hijacked elevators, as well as compromised building management and heating and cooling systems. According to Greg Belanger, vice president of security technologies at CBRE, the world's largest commercial real estate services and investment company, securing the enterprise has grown more complex--security teams must be familiar with controls and hardware on new devices, as well as what version of firmware is installed and what vulnerabilities are present. For example, if a heating, ventilation, and air-conditioning (HVAC) system is connected to the internet, he questions, "Is the firmware that's running the HVAC system vulnerable to attack? Could you find a way to traverse that network and come in and attack employees of that company?" Understanding enterprise vulnerabilities is crucial to safeguarding physical assets, but investing in the right tools can also be a challenge, says Belanger. "Artificial intelligence and machine learning need large sets of data to be effective in delivering the insights," he explains. In the era of cloud-first and industrial internet of things, the perimeter is becoming far more fluid. By applying AI and machine learning to data sets, he says, "You start to see patterns of risk and risky behavior start to emerge." Another priority when securing physical assets is to translate insights into metrics that C-suite leaders can understand, to help boost decision-making. CEOs and members of boards of directors, who are becoming more security savvy, can benefit from aggregated scores for attack surface management. "Everybody wants to know, especially after an attack like Colonial Pipeline, could that happen to us? How secure are we?" says Belanger.


Better cybersecurity means finding the "unknown unknowns"

MIT Technology Review

During the past few months, Microsoft Exchange servers have been like chum in a shark-feeding frenzy. Threat actors have attacked critical zero-day flaws in the email software: an unrelenting cyber campaign that the US government has described as "widespread domestic and international exploitation" that could affect hundreds of thousands of people worldwide. Gaining visibility into an issue like this requires a full understanding of all assets connected to a company's network. This type of continuous tracking of inventory doesn't scale with how humans work, but machines can handle it easily. For business executives with multiple, post-pandemic priorities, the time is now to start prioritizing security. "It's pretty much impossible these days to run almost any size company where if your IT goes down, your company is still able to run," observes Matt Kraning, chief technology officer and co-founder of Cortex Xpanse, an attack surface management software vendor recently acquired by Palo Alto Networks. You might ask why companies don't simply patch their systems and make these problems disappear. If only it were that simple. Unless businesses have implemented a way to find and keep track of their assets, that supposedly simple question is a head-scratcher. But businesses have a tough time answering what seems like a straightforward question: namely, how many routers, servers, or assets do they have? If cybersecurity executives don't know the answer, it's impossible to then convey an accurate level of vulnerability to the board of directors. And if the board doesn't understand the risk--and is blindsided by something even worse than the Exchange Server and 2020 SolarWinds attacks--well, the story almost writes itself. That's why Kraning thinks it's so important to create a minimum set of standards.