Next Level Risk With The Rapid Growth of AI Calls for Next Level PAM
By: Ali Gomulu
It is one thing when enterprises use automation, including AI, to improve the efficiency of their ERP, HR, accounting, and other systems, and of course, any enterprise system which collects, stores, and uses data should be fully protected, including a solid Privileged Access Management (PAM) solution as a core part of their IT architecture.
It is another thing when certain enterprises sell services that leverage AI to provide convenience and safety, for example, in the connected vehicle’s world. Cybersecurity and the ironclad lockdown of system elements, data, applications, and near-real-time – and increasingly real-time automated solutions has never been more important.
Imagine the damage that could be done if an adversary hacked into one of the systems that control self-driving or driver-assisted vehicles. Lives could be lost, and entire cities could be shut down.
Imagine an attack on the electricity grid, should an individual or ring get in through an AI system designed to ensure availability and uptime – neighborhoods could go dark, offices, factories, schools, and public venues could come to a halt, and communities could be held ransom.
Imagine what would happen to our public transportation systems, which are increasingly controlled by AI-based systems – from air traffic control to train control and rail crossings – driverless light rail and subway cars – and more.
Then there are the drones, which have risen out of “science fiction” and are already delivering prescriptions and other essentials directly to doorsteps and are designed to work with other systems, including GPS, and are made increasingly efficient using algorithms.
AI is a huge domain, with billions of investment dollars pouring in and applications across nearly every IT application in enterprises small to large. Capabilities are advancing and given new platforms competing with the most well-known platforms, like IBM’S Watson, companies are enjoying significant, tangible benefits from adoption. Governments have developed national strategies for AI and are making substantial investments in research and education. AI is increasingly being integrated into not only the application layer but into the physical-digital operating infrastructure, on-premise, and in the cloud.
IDC forecasts that spending on AI technologies will grow to US$97.9 billion in 2023—more than two and a half times the spending level of 2019.
There is no doubt that AI-based applications will continue to propagate and grow even more embedded, so it is paramount that IT executives responsible for security make sure these systems are protected, and Privileged Access Management (PAM) is an essential part of that process.
We are seeing governments around the world establish public policies creating “AI Security Compliance” programs designed to reduce the risk of attacks on AI systems and lower the impact of attacks that do take place.
In large part, they are in some cases suggesting, and in other cases mandating compliance programs, including a set of best practices in securing systems against AI attacks, including considering attack risks and surfaces when deploying AI systems, adopting IT safeguard policies to make attacks difficult to execute, and creating attack emergency response plans. They follow the guidelines of existing compliance, for example, PCI compliance for securing payment transactions and HIPAA for securing health information and are becoming increasingly detailed. Most security experts believe regulators will require compliance both for government use of AI systems and in the private sector, which has already identified high-risk uses of AI where attacks would have severe societal consequences.
How can your organization prepare?
First, identify all systems where AI is already a part of the computing, and make sure those systems are protected with a solid security posture, including PAM.
Second, identify future AI-based technologies and make sure the vendors providing the software have taken their own precautions to ensure encryption is built-in and that their products have been fully tested and certified if certifications exist.
Third, create policies and procedures as part of your environment and planning and budgeting processes, as AI is bound to grow in adoption, especially in advanced industries, including banking, financial services, healthcare, e-commerce, and more.
Do not forget the clouds you may use and make it your business to research how public clouds are using AI and what the implication to your business may be.
Remember that by using PAM across the enterprise by investing in your cybersecurity domain and focusing on monitoring and controlling privileged users and privileged accounts within your organization.
Privileged users have access to IT and network infrastructure for operation and administration purposes or have access to sensitive information or assets, such as customer records, employees’ payroll, and financial records. Sample privileged users are:
- System, database, and application administrators who have continuous and unrestricted access to a broad range of assets
- Help desk agents who have restricted access to a broad range of assets
- Business Application (e.g., ERM, Salesforce) users or users of an organization’s social media (e.g., LinkedIn, Twitter) accounts
- Nonemployees, such as vendor support, consultants, contractors
Privileged users access an organization’s critical systems, resources, and assets using elevated or unrestricted accounts, i.e., privileged accounts. These accounts include local and domain administrative accounts, service accounts, emergency accounts, application accounts and are referred to as “the keys to the kingdom.” They are primary targets of both external and internal malicious users and have been used in successful attacks to gain access to an organization’s critical systems and resources, resulting in data breaches or service outages that have material business impact. So, privileged accounts are a potential source of threats to the security posture of any organization because of their elevated/unrestricted access to critical systems and sensitive information.
Gone unchecked and mismanaged, privileged users now have access to AI-based systems that control both digital and physical assets – and the risks across both domains will increase as adoption increases. We’d be happy to speak with you about your plans for AI in 2021 and beyond and explain how affordable and painless it is to ensure preparedness and compliance.
As Attacks on Infrastructure Continue to Intensify, Cyber Security Leaders Call for Further Investment
This past week Colonial Pipeline company, which operates a pipeline that carries gasoline, diesel fuel, and natural gas along a 5,500-mile path from Texas to New Jersey, was forced to take itself offline after being attacked by a criminal cyber gang. The Colonial Pipeline, which carries 2.5 million barrels a day, nearly 50% of the East Coast supply of diesel, gasoline, and jet fuel, is still working to restore service and gain access to its systems after the malicious cyberattack while its four mainlines remain offline.
As Infrastructure Week Begins in the US, A Massive Ransomware Attack Drives the US Government to Enact Emergency Legislation
The US government issued emergency legislation earlier this week after the largest fuel pipeline in the US was hit by a ransomware cyberattack.
Buy it Wholesale, Sell it Retail: How MSPs and MSSPs can Benefit from Multitenancy Cyber Security Solutions
Managed Service Providers (MSPs) and Managed Security Service Provider (MSSPs) have a stressful job. They must provide cybersecurity solutions to their clients, protecting them from a broad and growing range of threats, and ensure their customers’ networks, equipment, data, systems, people, and reputations are insulated from malicious forces.