In a Help Net Security interview, BeyondID CEO Arun Shrestha explained how AI is redefining secure access management. Stretching from advanced threat detection to identity-first security strategies, Shrestha discusses how AI is reshaping defense strategies against increasingly sophisticated cyberattacks.
AI has reshaped secure access management with both attackers and defenders having increasingly new capabilities. Cybercriminals now use AI to launch advanced phishing attacks, processing vast data and generating deepfake videos, emails, or voice calls to steal credentials.
Identity-First Security Changing the Game
AI has simplified real-time threat detection, replacing slow, manual reviews of massive data sets with instant identification of suspicious behavior.
. So, from a security perspective, security teams would have to examine through massive information manually before, a slow process that typically missed major threats, and with AI, suspicious models can be identified instantaneously. Considering the AI’s acceleration of cyberattacks, it’s now essential for organizations to adopt AI to catch up with changing threats.
Shrestha emphasizes the importance of identity-first security for the age of AI-based attacks. It’s about making identity the central control for governing access instead of traditional network borders like firewalls or VPNs.
In an identity-first security model, identity determines access to sensitive systems. AI improves this framework by strengthening authentication and anomaly detection, allowing organizations to quickly identify and respond to identity-based attacks, whether human- or machine-based.
Contextual Continuous Authentication
Previous authentication systems are no longer secure enough to prevent AI attacks. Shrestha leans towards contextual and continuous authentication, which provides continuous verification within a session. Compared to previous authentication, which validates identity only once, continuous authentication constantly verifies if access is still valid.
With stolen devices or credentials used by AI cyberattacks, constant monitoring can identify suspicious behavior, like multiple logins and shut it down immediately. Contextual authentication also enhances security by authenticating location, device usage, and time of use.
For example, if an employee typically logs in from New York but suddenly attempts access from a foreign country late at night, the system flags this as unusual behavior and prompts extra verification.
AI-Based Defensive Systems
The AI based defensive systems impact on cybercriminal strategy is significant. But even if AI holds immense capability to improve security, Shrestha stresses the need for transparency in AI systems. AI-based decisions such as denying always must be explainable to ensure trust and compliance.
Human oversight is necessary to prevent bias in contextual authentication, ensuring false positives don’t block legitimate users. Ethical AI and applying constant observation, organizations can enhance defenses without compromising trust or compliance. A judicious, strategic deployment of AI will allow businesses to stay in front of the evolving threat landscape without getting affected negatively.
Inside Telecom provides you with an extensive list of content covering all aspects of the tech industry. Keep an eye on our Cybersecurity sections to stay informed and up-to-date with our daily articles.