While organizations are fast-tracking generative Artificial Intelligence (gen AI) adoption, many are overlooking the new security risks being precipitated by this technology.
In fact, a 2024 AWS and IBM study found that only 24% of businesses have secured or are working on securing their AI workloads.
On Wednesday, July 3, cloud service provider Amazon Web Services (AWS) held a virtual media briefing tackling the emerging security gap created by gen AI.
The briefing focused on how entities should rethink their cybersecurity strategies to safely leverage gen AI applications and even utilize this technology to strengthen their cyber defenses.
That being said, what are the threats emerging due to gen AI?
Among the threats that have already been discovered include faster, large-scale malware development, more convincing phishing and social engineering attacks, and new vulnerabilities opened by utilizing Large Language Models (LLMs) developed by third-parties.
Rather than slowing adoption in the face of these threats, though, AWS senior worldwide security specialist Kimberly Dickson stated that these gen-AI related threats simply necessitate a different approach to cybersecurity.
Dickson explained that relying solely on the traditional security approach, which revolves around protecting against threats originating from outside an organization, is insufficient to keep pace with threats brought about by gen AI.
Instead, AWS recommends that businesses follow a comprehensive security strategy for the gen-AI era. Dubbed Defense-in-depth, AWS’s version of this strategy consists of layered security controls for all workloads — including gen AI — that provides organizations both greater visibility and control when addressing threats from both outside and within their organization.
“The goal of a Defense-in-depth strategy is to provide multiple layers of security around your data as well as your workloads. If one layer is compromised, the other layers will isolate, slow down, or prevent a threat actor from moving laterally from escalating permissions or privileges, exfiltrating, or manipulating that data, and so on,” Dickson stated.
Dickson further likened the security strategy to castle with multiple layers of fortifications that attackers must struggle through.
She emphasized that an organization’s most valuable, sensitive data should be at the very center of the castle shielded by layers of data protection, infrastructure security, application security, threat detection and incident response plans, identity and access management, network and edge protections, as well as security policies.
“Obviously, [outside-in defenses such as] Web application firewalls are still important…[But] really thinking about defense in depth, we need to start changing our mindset about outside-in-based security, and really think about security within the castle as well,” she summarized.
AWS also recommends that customers integrating gen AI into their operations should choose the gen-AI infrastructure, tools, and applications that prioritize their safety.
Dickson emphasized that AWS’ three-layered gen AI tech stack has security baked into its foundation and is constantly improving its security features to keep up with technology advancement.
As an example, Dickson cited that AWS’s Audit Manager service has been recently updated with generative AI best practices frameworks. This Audit Manager service assists AWS clients with compliance reporting and preparation of evidence for IT audience.
This gen AI-centric update will allow clients to gather evidence and gain greater visibility on whether their gen AI workloads comply with their controls around governance, data security, privacy, incident management, and business continuity plans.
“Customers choose AWS because we have the tools that will allow them to run their AI workloads in a secure, private, as well as safe manner,” Dickson affirmed.
On top of upgrading security approaches and keeping security top of mind when choosing gen-AI tools, AWS said this technology itself can enhance security.
Dickson laid out how can gen AI can enable security teams to be more proactive and react to threats faster through automation and upskilling.
First, gen AI automation can take over routine, repetitive tasks like summarizing threat intelligence or server patching to help security teams work faster within the limits of their staff.
Second, this technology helps cybersecurity teams achieve better results and in effect, upskills them, by supplying deeper threat hunting insights, predictive threat modelling, as well as creating and running playbooks.
Gen AI can even expand security teams capabilities while simultaneously relieving them of spending time and effort on learning additional, unplanned for skills.
Dickson illustrated this particular capacity by describing how an update to Amazon Cloud Trail Lake released in last month’s AWS re:Inforce enables this tool to offer natural language querying through generative AI.
In comparison to when security professionals would have to learn complex, SQL querying to retrieve data from a data lake, now they can simply request the information they need in simple, conversational writing and Amazon Cloud Trail Lake will generate the SQL query for them. Thus, gen AI is eliminating a learning burden and enabling security personnel to concentrate on other aspects of their role.
“Gen AI is incredibly powerful and it is transforming the way that we do business as well as innovate,” Dickson declared. “These announcements showcase the commitment that AWS has made to ensure that customers are able to build gen AI and AI applications on top of AWS.”
