In previous articles, we've discussed the ubiquity of AI-based systems and the risks they're facing; we've also described the common types of attacks against machine learning (ML) and built a list of adversarial ML tools and frameworks that are publicly available. Today, the time has come to talk about countermeasures. Over the past year, we've been working on something that fundamentally changes how we approach the security of ML and AI systems. Typically undertaken is a robustness-first approach which adds complexity to models, often at the expense of performance, efficacy, and training cost. To us, it felt like kicking the can down the road and not addressing the core problem – that ML is under attack. Back in 2019, the future founders of HiddenLayer worked closely together at a next-generation antivirus company.

The onslaught of endpoint attacks delivers more and more data -- data that DevOps teams need to fine-tune existing products and invent new ones. Mining attack data to identify new threat patterns and correlations, then fine-tuning machine learning (ML) models and new products, is the goal. Gleaning new insights from endpoint attack data is a high strategic priority for market leaders. During his keynote at Palo Alto Networks' Ignite '22 Conference, Nikesh Arora, Palo Alto Networks chairman and CEO, said, "we collect the most amount of endpoint data in the industry from our XDR. We collect almost 200 megabytes per endpoint, which is, in many cases, 10 to 20 times more than most of the industry participants. Because we take that raw data and cross-correlate or enhance most of our firewalls; we apply attack surface management with applied automation using XDR."

Human intelligence and intuition are vital to training artificial intelligence (AI) and machine learning (ML) models to provide enterprises with hybrid cybersecurity at scale. Combining human intelligence and intuition with AI and ML models helps catch the nuances of attack patterns that elude numerical analysis alone. Experienced threat hunters, security analysts and data scientists help ensure that the data used to train AI and ML models enables a model to accurately identify threats and reduce false positives. Combining human expertise and AI and ML models with a real-time stream of telemetry data from enterprises' many systems and apps defines the future of hybrid cybersecurity. "Based on behaviors and insights, AI and ML allow us to predict [that] something will happen before it does," says Monique Shivanandan, CISO at HSBC, a global bank.

By 2025, the artificial intelligence (AI) software market will expand from 2021's $33 billion to $64 billion, according to a new report. And cybersecurity is the fastest-growing category of AI spend, experiencing a rise in spending of 22.3% compound annual growth rate (CAGR). "Cybersecurity is the fastest AI software growth category, with a focus on the real-time monitoring of and response to attacks," the report states. The next two categories, customer and human capital management (22%) and process optimization, knowledge, and data intelligence (18.3%), also have cybersecurity elements, so the impact on security tool makers could be even more significant. This comports with the emphasis companies have placed on their AI-enhanced software and services.

A new report from MIT and Deep Instinct seeks to dispel confusion in the cybersecurity market ... [ ] between artificial intelligence, machine learning, and deep learning. There are a lot of buzzwords in the world of cybersecurity marketing. When an emerging concept hits a certain viral tipping point, it seems like suddenly all vendors are using the same buzzword--which just makes everything more confusing. Artificial intelligence and machine learning are ubiquitous in cybersecurity marketing--and often confused with each other and with deep learning. A recent report from MIT clarifies the distinction between the three, and emphasizes the value of deep learning for more effective cybersecurity.

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Consolidating their organization's tech stacks, defending budgets and reducing risk are three of the top challenges facing CISOs going into 2023. Identifying which security technologies deliver the most value and defining spending guardrails is imperative. Forrester's 2023 security and risk planning guide provides CISOs prescriptive guidance on which technologies to increase and defend their investments and which to consider paring back spending and investment.

Resecurity, a cybersecurity company providing managed threat detection and response, has opened a new office in Silicon Beach, an area known as the technology capital of Southern California. Resecurity becomes the first recognizable cybersecurity player in the area, making the local tech ecosystem more diverse and progressive. While Silicon Valley is known as the tech and startup hub throughout California, Silicon Beach is a rising ecosystem in this arena. Silicon Beach is home to an innovative collection of tech companies in Los Angeles (LA). The region has attracted an estimated 500 tech companies, ranging from startups, like Bird and Fair, to global policy think tanks and established tech giants like the RAND Corporation, SpaceX, Google and Facebook.

We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Fast-growing ransomware, malware and endpoint-directed breach attempts are reordering the threat landscape in 2022. It's appropriate that RSA Conference 2022's theme is'transform,' as new threats continue to call for rapid changes in endpoint security. CISOs and CIOs are transforming their cloud infrastructure and hybrid cloud strategies, accelerating devops internally to produce new apps and platforms, and relying more on software-as-a-service (SaaS) apps than ever before to meet time-to-market goals. Vendors promoting cloud security, extended detection and response (XDR) and zero trust dominated RSAC 2022.

Today's cyber security technological evolution milestones in the context of effective detection and response are the endpoint detection and response (EDR), Manage Detection and Response (MDR), and Network Detection and Response (NDR). However, these all solutions are running independently and missing the correlated high level processed alert to which Extended Detection and Response (XDR) is a solution that emerged, rather than adding another tool, XDR aims to change this security landscape and enable a more compelling activity of the security stack. What problem does XDR solve? Attackers often target endpoints, but they also target other layers of the IT domain in the corporate network, such as email servers and cloud systems, and they may bounce between layers or hide in the interface between them to evade detection. XDR solves both problems at once.

Artificial intelligence provides enormous benefits for cyber threat detection, but the technology can't do the job alone. That was the primary message during a session at the Ai4 2022 Cybersecurity Summit featuring two government cybersecurity professionals -- Garfield Jones, associate chief of strategic technology for the Cybersecurity and Infrastructure Security Agency (CISA), and Peter Gallinari, data privacy officer for the state of Tennessee. The duo discussed the promise of AI threat detection and fielded questions about what they saw as the future of such technology, the potential challenges and how humans will fit into the picture. Jones made it clear early in the panel that every cybersecurity system implementing AI will still require human involvement. "My perspective on this is that AI definitely has a future in threat detection and response," Jones said.