BTEX 2024: What Are the Key Trends Shaping Cybersecurity in Canada?

AI was a prominent theme among panellists as they revealed how they think AI can help cybersecurity analysts.  

Den Jones emphasized the key areas that SonicWall solutions are prioritizing. “At SonicWall, there are two things we are working on – how we improve security for our partners and their customers and then, how do we reduce the cost of ownership?”

He explained that SonicWall's AI-powered solutions enhance security for partners and customers by providing contextual recommendations based on their environments. With AI's assistance, customers can expect to reduce the time it takes to run and configure security checks while making fewer mistakes.

Joe Martin from F5 talked about how AI could help reduce friction in cybersecurity solution deployment by automating configuration tasks. “We could make the ability to deploy security in a best-case scenario almost automatic,” he said. This would further decrease the chances of misconfigured security controls that give rise to vulnerabilities.

Grant Lam touched upon improving threat detection and response with AI at Sophos. “The main challenges we see associated with threat detection response across our customer base are resources, time and expertise,” he said.

Most organizations planning to adopt AI solutions may face ethical challenges such as bias and toxicity.

Calvin Chiu delved into how Cisco handles the ethical concerns associated with AI in their systems. Cisco adheres to principles like transparency, fairness and accountability. They ensure users are informed about AI's role in their technology and strive to eliminate algorithm biases.

These principles are designed to maintain proper security for customers, keep their data privacy in check and build reliability around the use of AI.

“From Cisco’s perspective, we follow these guidelines to ensure that if something goes wrong, especially from a human rights standpoint, we have checks within our policies and control points within the lifecycle of AI products as well,” said Chiu. 

Cisco’s AI ethics principles offer a strong reference point to technology leaders on how to navigate them responsibly.

Joe Martin shared how F5 upholds data governance and security for their AI applications. He highlighted the importance of differentiating between on-premises and cloud data planes to build effective governance.

“With our distributed cloud platform, we do have data that is passing through a data plane owned by F5. Therefore, we have all the data governance controls, least privilege access and a lot of controls on what type of data you might need or want to collect,” said Martin.

Lam talked about the challenges in AI and cybersecurity, pointing towards the increasing use of AI for deception. 

“One of the big challenges we see is that AI can effectively lower the bar for social engineering and phishing scenarios, such as creating phony websites or crossing language barriers,” said Lam.

As it gets easier for security analysts to detect threats with AI, cyberattackers won’t be left too far behind. They may use AI to launch even more sophisticated attacks that are harder to catch.

Lam elaborated on how their experiments at Sophos with large language models for web categorization yielded impressive results. These AI models could be used to accurately categorize unsafe websites and email spam and combat threats faster.

When asked if AI in cybersecurity could help meet talent shortages, Chiu commented that it could prove to be instrumental in how organizations raise the capabilities of their security analysts.

Using natural language interfaces, even entry-level analysts could decipher complex configurations easily. This could make them more efficient at managing the security infrastructure. AI-powered recommendations could simplify tedious tasks like reading and changing firewall rules or SOC analysis.

“One of the findings from our CDW Canada Cybersecurity Study was that there's still real hesitation to go to the cloud. And cybersecurity is one of the factors slowing Canadian organizations from adopting the cloud,” Wiens added.

Martin mentioned the lack of security controls and the complexities involved in multicloud connectivity as the key challenges. Customers may hit security roadblocks when working with multiple clouds as each one is configured differently.

Chiu recommended that organizations must ask a few key questions upfront before moving to the cloud to enhance their cloud security posture: Whether the cloud provides visibility into security policies, what are the risk scores associated to various entities and how could organizations tie back cloud services back to developer operations? Answers to these questions can help decision-makers strategize their cloud migration more confidently.

Jones also added the importance of solidifying policies for identity and access management using zero-trust architectures. He cited that the bulk of cyberbreaches occur due to privilege and access loopholes that must be addressed in how organizations implement security across on-premises, cloud and multicloud environments.

“It's always in our best interest that whenever a novel technique, threat or exploit emerges – we are sharing that information as quickly as possible,” Lam said. When cybersecurity organizations collaborate towards sharing threat intelligence data, the entire industry benefits from it. Lam added that he strongly believes in quickly making threat data available to other market players for serving the end users better.

“We need to come up with universal [threat] identifiers,” said Martin. He stressed upon the fact that the current mechanisms for identifying malicious entities are limited and their definitions need to expand. This way, organizations could share threat data with greater accuracy and context.

The session concluded with the panelists sharing their optimism about the state of cybersecurity. The consensus was that most organizations can significantly improve their security posture by getting the basics right and each security partner provides abundant solutions to achieve this. As more organizations reap the benefits of enhanced security technologies, the scales may tip in their favour.

There are promising benefits of using AI for cybersecurity, which should continue to expand in the near future. As AI models mature, many perceived advantages of AI-powered security will come to life. As a matter of fact, our partners are already seeing positive signs in terms of reduced malware infection and improved cyberattack avoidance with their customers.