SAAS SECURITY
CONTINUED
suspicious activity, which is critical in high- volume SaaS environments.” Karl adds that deepfakes are starting to be used in business email compromise and social engineering attacks. “This makes it harder for employees to distinguish legitimate requests from fraudulent ones,” he says. “Defenders, in turn, are using AI to spot anomalies in logs and behaviour faster than humans ever could. Instead of analysts manually trawling through huge volumes of data, AI models can flag unusual access patterns, suspicious integrations, or configuration changes in near real time, helping security teams prioritise where to look. “However, the fastest growing issue
“AI is being widely used with security operations tools to reduce the overall time to detection of malicious activity, resulting in faster remediation of issues. In some instances, AI is proactively automating the response to attack patterns and subtle malicious events that would historically have required a security practitioner’s review and intervention. I expect AI will continue to increase in its efficacy in responding to security issues and will be widely adopted and ultimately become an expected attribute of all Saas provider’s security practice.” Reseller role All this means that resellers have a crucial role in SaaS security. “Resellers play a critical role through ensuring solutions are deployed correctly and configured securely, as well as continuously maintained over time,” says Simon Cook, director, new offerings at Genetec. “To keep SaaS solutions secure, ensure access control is implemented, and multi-factor authentication is set up. Ensure customers are well informed about threats and establish shared responsibilities between vendor, partner and end user. Choosing platforms that simplify deployment and reduce operational complexity helps partners focus on delivering value to customers while maintaining high security standards.” Danny Hemminga, vice president of EMEA partner sales at Tanium, adds that many customers still misunderstand shared responsibility, assuming the SaaS provider handles everything. “In reality, access control, configuration and usage of SaaS environments remain the customer’s responsibility,” he says. “That gap matters. In the UK, more than 40% of businesses reported experiencing a cyber security breach in the past 12 months. This demonstrates why customers need partners who can help them manage risk continuously, not just at deployment.
Contributors
Karl Bagci
exclaimer.com
is shadow AI. Staff are connecting AI tools and assistants directly to
business systems and data without fully understanding the permissions they’re granting. This unmanaged use of AI tools is where risk is growing the quickest." Brad Bowers, lead field CISO Global at SHI, says AI is being leveraged by attackers to help make their kill chain more efficient. “Attackers often leverage AI research to find vulnerabilities or CVEs that have come out and are associated with a particular SaaS provider or technology used by a provider,” he notes. “They’re using AI derived data like Lego bricks to construct complex and modular attacks, often assembling packages of AI derived exploit code with malware or social engineering components to attempt multiple vectors of attack. “AI has upped the ante for security practitioners. There’s an old security saying, ‘The attacker only has to be right once, whereas the defender needs to be right 100% of the time’. While AI has tipped the odds in the attacker’s favour for now, it’s providing significant benefits with regards to security data. Security practitioners are using AI to better understand where risk exists within their systems, SaaS solutions and supply chain.
Anton Shelepchuk
nakivo.com
They’re using AI derived data like Lego bricks to construct complex and modular attacks... “
”
Brad Bowers
www.uk.shi.com
36
Powered by FlippingBook