Artificial Intelligence (AI) stands out as one of the most exciting and transformative fields the world has ever seen. As our resident AI expert, Mikhail Kazdagli has been the forefront of unlocking the boundless possibilities of AI for Symmetry with his theoretically grounded approach to AI-driven cybersecurity. He is continuously inspired by the possibilities and the profound impact that AI can offer us. In this exclusive interview, we delve into the core of AI’s potential and its implications for cybersecurity. Mikhail shares his insights on AI’s transformative power and the challenges and opportunities it presents. Join us as we explore his fascination with AI and its pivotal role in shaping the future.
What excites you the most about AI?
I find myself particularly intrigued by several aspects of the AI field. First and foremost, its transformative power and the unprecedented pace of advancement are truly captivating. AI holds the potential to revolutionize entire industries, unlocking fresh possibilities for efficiency, accuracy, and innovation. In fact, its societal impact could surpass that of the industrial revolution in the 18th and 19th centuries.
These transformative changes hold the promise of enhancing our quality of life and fueling economic growth. What’s particularly astonishing is the lightning speed at which AI technologies are progressing. We find ourselves at the forefront of an era where AI systems are evolving into highly sophisticated digital entities. Entities that are capable of accomplishing tasks that were once deemed the exclusive domain of humans, and even beyond.
Should we consider enforcing stringent limits on AI to ensure its containment?
In our quest to ensure AI’s containment, it’s essential to acknowledge that, while humans often resist dramatic change due to our inherent nature, embracing these transformations is inevitable for the progress of our society. At this stage, ethical concerns may take a back seat, as independently operating AI systems are not yet a reality. Overregulation in specific domains could lead to stagnation and potentially provide a competitive edge to organizations and nations that aren’t currently leading the way in AI development.
What differentiates Symmetry Systems from other cybersecurity companies with regards to the application of AI technologies?
If I were to highlight a single differentiating factor, it would undoubtedly be the theoretically grounded approach to developing an AI-driven cybersecurity solution. With profound expertise in both AI and cybersecurity domains, I consistently adhere to rigorous methodologies. I deliberately steer clear of hastily assembled, unstable makeshift solutions, as they are prone to inadequately addressing the ever-changing security landscape. In addition to the scientific approach to building an AI platform, I place a significant focus on its usability. This emphasis is particularly directed towards ensuring the explainability of AI-generated outcomes to human users. In addition to the focus on explainability, the AI platform has the capacity to generate valuable recommendations for enhancing an organization’s security posture.
My goal is to build a robust, flexible, and scalable platform that not only tackles the current security challenges our customers encounter on a daily basis, but also protects them from the ever-changing tactics of malicious actors. Additionally, I strive to assist our customers in remaining compliant with emerging data regulations. My dedication to delivering top-tier AI solutions to our customers is steadfast and unwavering.
What sets AI solutions in the cybersecurity domain apart from generic AI tools like ChatGPT and generative art?
These two domains are inherently distinct, and this disparity is deeply rooted in the nature of the problems they tackle. Security settings inherently feature an adversarial dynamic where malicious actors and defenders engage in constant competition. Therefore, from a technical perspective, machine learning grapples with the challenge of rapidly evolving non-stationary distributions, due to the ongoing efforts of attackers to circumvent ML defenses. Designing ML algorithms that reliably function within this context is a formidable task. For instance, I approach this challenge by training algorithms to identify attackers’ strategies rather than rapidly changing tactics. These strategies have exhibited a degree of consistency over an extended period. This includes consistent actions like exfiltrating business-sensitive data, establishing a persistent presence within a system, and data corruption, which includes ransomware attacks, among others.
What exciting AI-driven developments or projects can we expect from Symmetry Systems in the near future?
There are multiple AI features that we are concurrently working on, and continuously release to our customers. The one I’m most excited about is the most ambitious endeavor. An adversarial AI designed to test and enhance the AI-based defense we provide. I firmly believe that to outpace malicious actors in this ever-evolving landscape, we must employ a tool that systematically generates novel malicious tactics. AI is the ideal candidate for this role compared to humans, even though developing such an AI model is a formidable challenge. A similar approach has proven successful in training game agents, such as AlphaGo. However the cybersecurity domain presents new complexities. These complexities require profound domain-specific expertise to model a diverse range of inherent security constraints successfully.
Yet another captivating AI enhancement is our AI-powered security co-pilot, which our valued customers can look forward to as an intriguing addition to their security arsenal in the coming months. This innovative feature facilitates interaction using everyday English language, enabling the system to present consolidated information from various data sources. Consequently, it simplifies the onboarding process, eliminating the need for an extensive grasp of complex cloud technologies. Customers can take a tiered approach, commencing with high-level investigative queries and progressively delving into specific facets of their cloud infrastructure that may pose potential security concerns.
Data privacy and data security are a critical concern for many organizations. Many CISO’s are increasingly portraying AI as the antagonist that erodes privacy and security. I’m curious how do you see AI’s role?
While AI offers the potential for substantial positive change, it also introduces valid privacy and security concerns. We can categorize these concerns into two distinct issues. First, there’s the risk of privacy infringement resulting from the mishandling of sensitive data within AI systems. Second, there’s the challenge of maintaining privacy when AI algorithms continuously monitor human personal data. Using a robust Data Security Posture Management (DSPM) tool like Symmetry DataGuard can mitigate the concerns around privacy, but the latter issue remains inherently unsolvable.
The risk of potential data misuse or mishandling within AI systems is a significant concern. AI heavily depends on extensive datasets for training, and these datasets may contain sensitive or personal information. If not handled with rigorous privacy safeguards, this data could be at risk of breaches or unauthorized access. DataGuard addresses these potential data threats by conducting a thorough analysis of data, removing sensitive information, and ensuring that data managed by an AI system in a secure way.
Nevertheless, there is a trade-off that humans often make between privacy and convenience. Numerous tools presently employ continuous monitoring of diverse facets of user behavior to enhance information searches (e.g., web browsers), offer superior recommendations (e.g., movies, music, news articles), and enable self-driving cars (multiple cameras record surroundings, often without explicit user consent). When sensitive data is handled in accordance with regulations, it allows individuals to balance privacy concerns with the benefits of convenience and an improved quality of life, making this trade-off acceptable.
How do you envision the role of AI in the cybersecurity domain in the coming years?
In the evolving landscape of AI, I anticipate a seamless integration of AI innovations into the cybersecurity arena. AI-driven tools will take center stage in managing and continuously enhancing an organization’s security posture. We expect the emergence of interactive assistants tailored for DevOps and DevSecOps teams. As a testament to this, I’ve already introduced IAMAX – a tool capable of generating verifiable cloud security policies (Kazdagli et al., 2022).
While the potential of AI in cybersecurity is immense, a critical requirement is a deep understanding of the security domain. We stand at the inception of an AI revolution, poised to reshape numerous industries, and cybersecurity is no exception to this transformative wave.
Where can People Learn More About Symmetry?
If you’d like to learn more about Data Security Posture Management and DataGuard, please reach out. We’d love to demonstrate how we leverage AI in our data security posture management solution to help safeguard your most critical data assets through actionable insight and improved visibility, scalability, and compliance.