Related Posts
- Advertisement -
The The infrastructure That supports today’s companies is even unrecognizable a few months ago. Every organization, planned or not planned, has been migrated to the cloud with AI intertwined, since each improves the possibilities of the other.
Cloud and AI are unmistakable game changers for companies; However, both introduce complex cyber risks in combination. Cloud protection measures must evolve to take on the new challenges of AI and find the delicate balance between the protection against complex attacks on AI data and enabling organizations to achieve responsible AI innovation.
EMEA technical director and security strategist, sustainable.
The marriage of Cloud and AI
Cloud Computing Offers the infrastructure and resources needed to power AI algorithms, while AI Cloudservices makes more intelligent, efficient and user -oriented. This substantiates that this is the development team, which runs at full speed, creates and implement new applications that reform operations, scalability, flexibility and cost savings where it is possible. But for those who work to secure these changing environments, it’s like trying to catch smoke. What is safe today can move, morph or even completely disappear.
According to the Cloud AI risk report, cloud-based AI is sensitive to avoidable toxic combinations that leave sensitive AI data and models vulnerable to manipulation, data and data leakage data. To illustrate, this can make this AI training data susceptible to data poisoning, which threatens the model results. Researchers calculated that almost 70% of the cloud ai -workloads contains at least one non -vulnerability.
Instead, the discovery was that three of the four organizations that used one specific cloud provider for AI services appear to have over -prepared standard configurations. Discerned ‘The Jenga-Style’ concept, the study found a tendency for cloud providers to build one service on top of the other, with “behind the scenes” building blocks that inherit risky standard values from one layer to another, with a single incorrectly configured service that runs all services at the top of the risk. The result is that users are largely not aware of the existence of these building blocks behind the scenes, as well as any propagated risk.
Threat actors
When we talk about AI use in the cloud, there are more than sensitive data on the line. If a threat actor manipulates the data or AI model, there may be catastrophic consequences in the long term, such as compromised data integrity, compromised security of critical systems and relegation of customer confidence. In addition, training and test data is an attractive target for abuse and exploitation, because they can contain real information such as intellectual property, personal information (PI), personally identifiable information (PII) or customer data with regard to the nature of the AI project.
Threat actors focus not only on AI, but also using it. Reports confirm that they have some powerful AI Tools At their disposal, including AI-driven virtual assistants who can streamline and strengthen their attacks. So far this year there have been reports of threat actors who use AI to write malware for ransomware to attack. According to Checkpoint, Funkksec is in fact such a group that is assumed to use AI-assisted malware development. The danger is that this could see inexperienced actors to turn and refine tools quickly to launch their own criminal escapades.
AI driven defenses
AI can be used to search for patterns, so that the team inspects what happens within the infrastructure of the organization and explain results in the simplest possible language. This can help the security team know what is important, the attack paths that can be covered if a threat actor gains access and where the best priority can give to efforts to close these paths to reduce cyber risk. Solutions such as Data Security Posture Management (DSPM) and AI Security Posture Management (AI-SPM) become an integral part of many organizations.
Gartner defines DSPM as “… visibility about where sensitive data are, who has access to that data, how it is used and what the security position of the stored data or application is.” Simply put, DSPM solutions discover, classify and resolve data risks in cloud environments.
AI-Security Posture Management (AI-SPM) is a Cloud Native Application Protection Platform (CNAPP) domain that provides security teams full visibility and security of AI-Workloads, Services and Data that are used in training and inference without implementing an agent. It identifies and gives priority to AI sources based on sensitivity, access and risky relationships, so that the context is needed to isolate the most critical AI exposures.
Summary
Although independent DSPM and AI-SPM services act as powerful spotlights to relieve data and AI sources, if they are not combined with wider cloud protection measures, they can use non-authorized access or infringements that use vulnerabilities in the cloud infrastructure.
Although the combination of AI and Cloud offers immeasurable benefits, the risks that can endanger sensitive data and data integrity introduces, which ultimately decreases the trust of customers and company photos. Organizations need DSPM and AI-SPM to determine their valuable data and AI sources and cloud protection solutions to build a safe safe around them.
We mention the best antivirus software.
This article is produced as part of the TechRadarpro expert insight channel, where today we have the best and smartest spirits in the technology industry. The views expressed here are those of the author and are not necessarily those of TechRadarpro or Future PLC. If you are interested in contributing to find out more here: https://www.techradar.com/news/submit-your-story-techradar-pro
- Advertisement -
