Washington D.C. ― mWISE ― Artificial intelligence is poised to tip the balance of power in cyberspace, favoring defenders over attackers by providing beleaguered security teams with faster threat assessments, according to Kevin Mandia, CEO of Mandiant at Google Cloud, on Monday.
“AI gives a greater advantage to the defender because of the way it will eliminate toil and the fact that we are being overwhelmed on the defensive side of the ball,” stressed Mandia while delivering his opening remarks at the Mandiant Worldwide Information Security Exchange (mWISE), the three-day-long conference hosted by the company in Washington D.C.
Addressing the issue of employee burnout, the CEO identified it as a major roadblock to progress in the cybersecurity arena. He pointed out that security teams are often fraught with a deluge of alerts related to the assets they are tasked with protecting. Adding to the complexity, Mandia highlighted the asymmetry in cyber warfare—while attackers only need to find one vulnerability to gain access, defenders must secure every potential entry point to thwart unauthorized incursions.
“The biggest thing that is causing burnout is, in fact, a feeling that they are inefficient,” elaborated Mandia. “They are going through log files all day long, looking for things. They are stuck in the toil of something that is omnipresent and causes pressure. In an analogy that I frequently use, we, the cyber defenders, are playing a goalie that attackers have unlimited penalty kicks at. We are diving left and right, blocking the ball. And the only time we get noticed is when the goal happens.”
However, AI is poised to tip the scales in favor of defenders, according to the CEO, who outlined the transformative impact in three key areas: threats, toil, and talent. Firstly, AI promises to accelerate threat assessments and generate real-time profiles of threat actors. Secondly, this groundbreaking technology will democratize investigative expertise, enabling users at all levels to rapidly identify threats. Lastly, AI is set to bridge the talent gap by not only understanding risk assessments but also by fortifying customer defenses with unprecedented efficiency.
To delve further into the specifics, the CEO pointed out that AI will assist security teams by swiftly synthesizing and presenting historical data. The technology is also expected to offer a myriad of other benefits including generative reporting, accelerated intelligence gathering, enhanced scaling and understanding of vulnerabilities, as well as the detection of disinformation and streamlined malware review and attribution.
“Imagine the scale and scope and the avoidance of burnout,” said Mandia, referring to the advantage that AI will bring. “The first bullet is about having what we call in the Air Force the heads-up display. You will immediately see intel from different vendors which is all synthesized for you, no longer doing a search and reading 27 PDFs,” added the threat intelligence firm founder.
“Learn AI and lean into it,” emphasized Mandia. “Use it to scale your change to avoid burnout and get far greater.”
Mandiant, a global leader in threat intelligence, was founded in 2004 on the premise that cybersecurity breaches are inevitable and that companies cannot solely rely on preventative measures. Since its acquisition by Google in September 2022, the company has operated as an integral part of Google Cloud.
