Navigating the path to understanding and using new technology takes time. It’s also something that needs to be done carefully and responsibly. With artificial intelligence, businesses are working to establish their own guidelines, driven by the individual risk thresholds and security assessments of available platforms, particularly those that are freely available.
The rapid growth of AI isn’t surprising given all the benefits it offers. But it doesn’t come without introducing significant risk.
AI is trained by humans and is susceptible to learning the wrong lessons and jumping to the wrong conclusions. Depending upon how it is leveraged, that opens the door to false alarms and new security vulnerabilities.
‘Shadow’ deployments are also a major concern. Workers want to harness the benefits of machine learning without constraints. With that comes a whole host of ethical and accountability issues that businesses leaders are now struggling to face. AI can’t be left to its own devices, yet.
While AI holds great potential to enhance security measures, we are only beginning to see how it may be used to circumvent established identity verification measures. And the peril is growing.
The Rising Threat Landscape
Unlike traditional phishing emails composed by attackers, AI-generated phishing emails are making it much more difficult to detect typical scams.
Emerging identity controls, like voice biometrics, are not immune to AI-based risks. There have been several reports of cybercriminals leveraging AI and machine learning technology to circumvent advanced identity controls all over the world. While vendors that use voice biometrics are actively developing safeguards, the threat posed by cybercriminals is increasing.
If an attacker bypasses a basic identity system and gains unauthorized access to a business’s IT environment, they may utilize AI-powered malware to penetrate a system, collect data and monitor user behavior, and then launch a more detrimental attack or exfiltrate information while remaining undetected.
AI presents multi-layered threats to conventional identity systems, and organizations must radically reassess and enhance their approach to securing digital identity.
A strong response
Combining Identity Threat Detection & Response (ITDR) and Decentralized Identity (DCI) practices is emerging as a promising method to keep data and identities safe in this new paradigm. Through this two-pronged approach, users are empowered to manage their own identity data, while organizations reinforce security protocols by constantly monitoring the IT environment.
ITDR helps an organization detect and respond to cyber-attacks, while DCI improves security and privacy by reducing reliance on centralized data systems.
ITDR facilitates the monitoring of IT networks for suspicious activity by focusing on identity signals in real time to reduce the attack surface. Identity threats are proactively detected and addressed by understanding the permissions, configurations, and connections between accounts. However, it’s important to note that ITDR alone is insufficient to protect user data in today’s IT environment.
This notion is particularly true concerning massive, centralized identity and access management (CIAM) storage practices. Because of the nature of ITDR, many see it as a reactive response to CIAM, indirectly acknowledging that large organizations must store people’s data and credentials simply because they are obligated to.
Because ITDR is a more reactive approach to CIAM, it necessitates a complementary method to keep identity perimeters more secure. To address this gap, DCI improves security and privacy by reducing an organization’s reliance on centralized data systems. As a result, individuals’ information is better protected in the event of a centralized database breach.
Centralized IAM data stores are particularly vulnerable to AI-powered cyber-attacks. With DCI, identity verification is predicated on providing a cryptographically verified credential instead of offering personal information stored in a centralized IAM database.
DCI empowers individuals to manage their own digital identities securely, but also reduces the appeal of an attack. Rather than putting millions of records at risk, DCI measures typically allow only a single individual’s records to be compromised.
Working Together
Securing data and ensuring AI is being used in secure workflows is a shared responsibility, and teams must work together to achieve a holistic approach to security and privacy.
Managed service providers (MSPs) can contribute to the advancement of CIAM by implementing a defense strategy that combines the power of DCI and ITDR. Integrating both practices strengthens an organization’s resilience against cyberattacks. Embracing this holistic approach empowers MSPs to safeguard digital identities and bolster defenses in response to the growing security risks driven by AI.
Alex Ryals is VP, Channel Sales for Ping Identity.
Image: iStock