WE’RE ONLY SCRATCHING THE SURFACE in our industry of what artificial intelligence can do. As much as we work to stay on top of the latest cybersecurity trends and invest in cybersecurity technologies, there’s always something new—some new virus, some new attack method—that is one step ahead of us. AI can help us level the playing field and better protect our clients and our own businesses. The game has changed and we can’t keep relying on the same security strategies we’ve been using.
“It is difficult to think of a major industry that AI will not transform.”—Andrew Ng, cofounder and head of Google Brain and global leader in AI
Nero Consulting has a history of adapting to change and being an outlier. In 2012, when Hurricane Sandy hit, businesses in the affected areas of New York and New Jersey needed help recovering their data or piecing it back together in a whole new environment, and then managing that backup for them to avoid a similar situation in the future. That’s when we decided to transition from our previous break-fix model to managed services. About a year later, the CryptoLocker ransomware attack made headlines and impacted businesses, so we adopted a stronger focus on cybersecurity. Then in 2016, the threat of hacking by nation states and other organized groups really made the map, which drove us to button up our own internal security and rethink how we could be more proactive for our clients. Since that time, we have steadily been investing in cybersecurity solutions and technologies that incorporate some AI, machine learning, or threat intelligence.
As a Microsoft partner, we researched what AI functionality was already available for enterprises and started bolting on Microsoft features that we believed could work for SMBs, because the attacks that target large banks, for example, are the same attacks that will target the small construction company.
Fast forward to today, where our security stack has evolved to Microsoft Defender for Cloud, a cloud-based security posture management (CSPM) and cloud workload protection platform (CWPP) for Azure, on-premises, and multicloud resources; Microsoft Sentinel, a security information and event management (SIEM) and security orchestration, automation, and response (SOAR) platform; and RocketCyber, a managed detection and response service from Kaseya.
In addition, we chose Okta for single signon because it incorporates AI and machine learning to alert any malicious sign-ins; and we chose Box for cloud-based content management and file sharing primarily for the Box Shield feature, which uses machine learning and automation to detect security policy violations, compromised accounts, and insider threats, and to enforce security controls around sensitive content.
With the ability to receive alerts when there is an anomaly like an “impossible travel” event or a change in email forwarding rules—phishing techniques that hackers use to infiltrate a system—Nero Consulting can stop or circumvent a bad actor and potentially save a client’s business.
For example, we received an alert for one of our real estate clients about an impossible travel activity. A user who we knew to be in South America had signed in from Canada. We called the user to verify where she was, then in real time saw that the bad actor had gotten into the VPN, had compromised the user’s email account, and was communicating with an investor who was getting ready to wire $1 million for a real estate transaction. We signed the user out of all her accounts and immediately reached out to the investor, warning him not to wire the funds to that fraudulent bank confirmation number. Proactive intelligence saved the day.
Currently, Nero is exploring ChatGPT to further enhance our security posture. I’m not a software developer, but I can ask ChatGPT to help me use PowerShell to program a security tool. ChatGPT produces the code that I can copy into our NinjaOne RMM platform to deploy to the thousands of computers we manage. One example is: Check for any local administrator accounts on our managed computers and remove them.
While AI isn’t ready to replace human activity, it is helping us to keep our clients safer by alerting us to activities that we don’t have the resources to do manually. And I’m not fighting fires with my team because AI is enabling us to be proactive, which has the potential to save a lot of time and help us generate more revenue.
AI represents the modern-day industrial revolution. Nero Consulting plans to be at the forefront.