CIO Insider

CIOInsider India Magazine

Separator

Generative AI Tools: Revolutionizing Cybersecurity in India's Digital Sphere

Separator
Deepa Seshadri, Partner, Deloitte India and Member, ISACA Emerging Trends Working Group

Over the past several years, Deepa Seshadri, Partner, Deloitte India, and Member, ISACA Emerging Trends Working Group developed expertise in designing and executing governance and compliance programs for clients within the Energy and Industrial Products and Technology Industry. Deepa is passionate about women in leadership and women in cyber.

Since the launch of ChatGPT in November 2022, the world has stepped into the next phase of technological evolution with Generative AI. A key aspect that differentiates generative AI from its predecessor AI models is that it goes a step beyond analyzing data to produce new content such as text, images, audio, videos, simulations, and even code. This is predicted to expand the impact of generative AI as organizations continue to discover innovative ways it can aid the functioning of businesses.

Various organizations are already exploring this potential, as per a recent Deloitte report titled ‘State of Generative AI in the Enterprise: Getting real about Generative AI which revealed that in the context of value creation, 18 to 36 percent of organizations reported achieving ‘large’ or ‘very large’ benefits (depending on the type of benefit) from the deployment of generative AI.

GenAI for Securing India in the Digital Age
The innovative prowess of generative AI is already leading to rapid adoption and a recent report by Inc42, a media platform, predicted that India’s generative AI market is likely to surpass $17 billion by 2030. A critical segment where generative AI could be a game-changer is cybersecurity, not only catering to requirements of threat detection and response, and compliances but also addressing talent shortage. The excitement is evident from the various generative AI-powered product launches seen in many of the recent global security conferences. As India moves towards further digitization, cybersecurity has become a top priority for enterprises due to considerations such as brand reputation, regulatory fines, business disruptions, and financial losses. Towards that end, there are already players in the nascent stages that are leveraging generative AI to meet security and

privacy needs, such as privacy threat modeling and data pseudonymisation.

This is a small glimpse into how transformative generative AI can be when it comes to securing India amidst its digitalization journey. Additionally, with the burnout observed in the cyber talent pool, Generative AI could potentially bolster capabilities and provide support to security analysts, thus becoming a force multiplier.

Generative AI can analyze asset inventories and security logs to predict potential vulnerabilities. The risk score obtained aids in prioritizing and implementing appropriate preventive measures, including patching the most critical vulnerabilities. For threat detection and response, generative AI can aid security teams in preparing for a range of threat scenarios and help refine response strategies. It can be an effective tool in triaging alerts and identifying connections between security occurrences. By analysing vast amounts of network traffic data, and identifying any anomalies indicating a cyberattack in a timely manner, generative AI can be an effective tool in timely addressing incidents. Additionally, generative AI can become an important tool in regulatory compliance, helping with better understanding, summarization, and interpretation of regulations, including tracking changes in requirements. It can be used for updating policies, standards, and procedures, and subsequently for communication and training.


Generative AI is a valuable tool that will pave the way for creating a more secure digital future



The Risks of Using GenAI and the Need for Appropriate Safeguards
Just like generative AI has immense potential to strengthen an entity’s security posture, it also has the scope of being used by malicious actors to unleash destructive cyberattacks. According to ISACA’s 2024 AI Pulse Poll, 60 percent of respondents indicate they are very or extremely worried that generative AI will be exploited by bad actors. This is already becoming a reality as a report by Cisco noted that 27 per cent of the organizations surveyed banned the use of Generative AI over concerns regarding data privacy.

Cyber criminals can circumvent traditional security measures by using Generative AI to create more sophisticated attacks. Moreover, the generative AI tools deployed by security teams can be vulnerable to attacks too, making it easier for attackers to manipulate them and launch new attacks. A key problem that has emerged in tandem with the development of generative AI is one of ethical consideration. The large amount of data required by generative AI systems for continuous refinement may include personal data of individuals, leading to concerns around data security and privacy. In this regard, generative AI for cybersecurity must be deployed with proper considerations to data security, privacy, access control, stress testing of models to check integrity and detect anomalies, among others.

Conclusion
Generative AI is a valuable tool that will pave the way for creating a more secure digital future. To be able to utilize it to its best potential, responsible development and collaboration between stakeholders is key. Adhering to industry standards and regulatory compliance can go a long way in this regard. Moreover, continuous security monitoring is paramount to mitigation of any vulnerability. Generative AI can prove to be truly transformative for cybersecurity, if deployed with vigilance.



Current Issue
Defending The Future Indigenously