News in the Channel - issue #21

ENDPOINT PROTECTION

their workflows. This can expose sensitive corporate data or personal information to those AI tools creating an unintentional spillage of data. This creates a new challenge of maintaining visibility and control over a growing number of endpoints, including IoT devices and virtual` environments.”

AEM Melissa says that many are turning to

autonomous endpoint management (AEM) for endpoint security. “AEM takes advantage of composite AI to provide intelligent automation and decision-making capabilities for managing IT endpoints,” she says. “Using real-time data, the technology can make recommendations and automate actions based on AI insights, peer success rates and an organisation’s risk threshold. AEM is a force-multiplier for teams in IT operations and cybersecurity because it allows them to understand contextual risk in real-time, based on real data and immediately take appropriate action.” AI protection Samantha Cotton, head of channel UK&I at WithSecure, notes that AI is already used in threat intelligence to help predict attacks on endpoints and in behavioural analytics to detect anomalies which might otherwise go undetected. “With so many tools available, as well as the rise of AI tools, businesses want a unified view of security to predict and prevent attacks,” she says. “This is where channel partners can add value.” Dominic Ryles, director of sales and commercial at Exertis Cybersecurity, adds that AI can automate the process of scanning for vulnerabilities and developing exploits. “AI systems can rapidly identify weak points in security defences and create tailored exploits to compromise them,” he says. “Organisations are using AI for threat detection and response, employing machine learning algorithms to identify and mitigate threats in real-time. Attackers can use adversarial techniques to trick defensive AI systems. This involves manipulating input to AI models in ways that cause them to make incorrect classifications and decisions.” Dominic adds that AI can be leveraged to analyse user and device behaviour to detect anomalies and potential threats in real-time. “Likewise, there is predictive threat detection, which uses machine learning

Lance Williams

with this type of attack. “Endpoints are going to get breached using new techniques and that may not raise alerts against deny lists of known vectors and known suspicious patterns. Instead, we will have to hone XDR to only allow what we know is good.” Richard Meeus, Akamai's EMEA director of security technology and strategy, adds that cybercriminals are turning to generative AI to hunt for the easiest endpoints to breach. “They combine their attacks with social engineering to steal admin identities,” he says. “Attackers don’t need a battering ram when they’re given the keys. “As a result of the advanced threat landscape, small businesses must look at upgrading their security accordingly. Even if the budget is limited, businesses need to cover their security basics, update tools, consistently train employees to be savvy security evangelists and deploy incident response plans.” Melissa Bischoping, director, Endpoint Security Researcher, Tanium, adds that phishing and social engineering – still the most frequently successful initial access into an environment for an attacker – can be enhanced using large language models and AI tools. “More convincing phishing lures that are highly customised to a target can make it harder to spot common aspects of these attacks like poor grammar or misspelled words,” she says. “The emergence of deepfake tools presents an even more significant risk that an attacker could successfully impersonate a legitimate individual to bypass defences. “Business users are bringing AI tooling and capabilities such as ChatGPT into

Karl Wilkinson

Pieter VanIperen

Richard Eglon

CONTINUED

www.newsinthechannel.co.uk

54593

Powered by