Intelligent CIO Middle East Issue 128 | Page 40

FEATURE
Speaker bio
Patricia Titus, Field CISO at Abnormal AI, has over 25 years of CISO experience, including leadership roles at Booking Holdings, Markel, Freddie Mac, Symantec, Unisys and the TSA. She has directed security strategies aligned with business goals and regulatory standards. Known for expertise in risk management, AI, cybersecurity operations and crisis management, she has optimised security, enhanced resilience and integrated AI into security programs. Titus serves on the boards of Black Kite, Black Cloak, The Cybersphere Group and Glasswing Ventures. yesterday’ s tools. This is where our behavioural AI model comes into play.
Behavioural AI doesn’ t ask,“ have I seen this domain before?” It asks,“ does everything about this communication make sense in context?” It looks at the history, relationship, urgency, time of day and even the sentiment of the communication. If I’ m in regular communication with someone who always starts their emails with‘ Hey Patti’, and one day it starts with‘ Good morning, Patricia’ – that’ s suspicious.
Of course, humans can see some of these things in real time, however AI can operationalise it at scale. Our goal is shrinking your window of exposure from hours to seconds and getting the alert to the right person fast enough to matter. We want your SOC analysts to be looking at what’ s really important – not all the noise. The noise is what can be operationalised by our AI.
Looking ahead, do you expect these actors to use Generative AI to automate the high-trust social engineering that currently requires manual effort?
It’ s already happening. The capabilities that exist today are a result of attackers utilising AI. Messages are personalised, contextualised, have flawless grammar and are generated at huge scale.
The volume alone changes the economics of the attack. They’ re no longer sending out email blasts, spray and pray, hoping someone will bite. They are able to send very narrowly curated information about you and make that fit the attack. A skilled social engineer can run maybe a handful of these high-quality long game operations simultaneously. With automation, that number becomes hundreds.
The defensive implication is that we can’ t just rely on spotting poor grammar or dodgy domains anymore. We have to focus on the request, the context and the channel. Organisations that get ahead of this are the ones investing in AI assisted defences now, not waiting until it’ s too late. Humans cannot move fast enough to defend against the speed of AI attacks. •
40
INTELLIGENT CIO MIDDLE EAST www. intelligentcio. com