EY helps clients create long-term value for all stakeholders. Enabled by data and technology, our services and solutions provide trust through assurance and help clients transform, grow and operate.
At EY, our purpose is building a better working world. The insights and services we provide help to create long-term value for clients, people and society, and to build trust in the capital markets.
In the second episode of our ongoing ‘Cybersecurity Awareness Month’ series, we dive deep into the transformative role of AI in cybersecurity and its growing impact on businesses. As cyber threats evolve, leveraging AI has become essential in enhancing defense mechanisms, automating threat detection, and closing the cybersecurity talent gap. EY India Cybersecurity Consulting Partner Shivaprakash Abburu joins us in this episode to share insights on how businesses can integrate AI-driven security tools, the potential challenges they may face, and the future of AI in safeguarding digital infrastructure. Tune in to learn what every business should know about using AI to strengthen cybersecurity and stay ahead of emerging cyber threats.
AI-driven cybersecurity is helping enhance threat detection, response, and intelligence, improving overall security posture for businesses.
Integrating AI helps bridge the cybersecurity talent gap, augmenting existing resources and streamlining repetitive tasks.
The future of AI in cybersecurity involves continuous monitoring, automation, and improved performance measurement for better risk management.
The true potential of AI in cybersecurity lies in its ability to not just think, but reason, enhancing defense strategies exponentially.
Shivaprakash Abburu
Partner, Cybersecurity Consulting, EY India
For your convenience, a full text transcript of this podcast is available on the link below:
Pallavi: Welcome to another insightful episode of season two of the ‘Cybersecurity Awareness Month’ podcast series, an integral part of EY India Insights podcast suite. I am your host Pallavi, and today we are diving into a transformative world of AI in cybersecurity.
We are honored to welcome Shivaprakash Abburu, Partner in Cybersecurity Consulting at EY India. With over 26 years of experience, Shiv Prakash is a seasoned professional in cybersecurity, leading large-scale transformation programs and advising businesses on cutting-edge security strategies across all domains, with multiple engagements in Middle East/North Africa (MENA), Nordics, and Americas.
Shivaprakash, thank you for joining us today. It is a pleasure to have you in this episode.
Shivaprakash: Thank you for having me, Pallavi. Good afternoon to you and to all our listeners. I am excited to explore the impact of artificial intelligence (AI) on cybersecurity, as well as also look at the possible challenges and implications – both positive and negative – of embracing AI and its evolution in cybersecurity.
Pallavi: Thank you, Shivaprakash. As we delve into AI’s role in cybersecurity, could you start by outlining how AI is enhancing our defense mechanisms against cyber threats?
Shivaprakash: The first point that I want to share in this conversation is that AI, as a subject or science, has been applied in various fields, including cybersecurity, for quite a long time. Until possibly 2022, the primary methods of using AI predominantly revolved around machine learning, deep learning, and to some extent, neural learning .
What has changed over the last couple of years is that now we have Generative AI (GenAI), which essentially provides a natural language interface to the end user to interact with machines. Earlier, the interface was always a programming language, either an abstracted level or a low-level programming language.
Now, this shift has brought technology closer to the users, making adoption much easier. At the same time, we also need to understand how AI is evolving and going through various stages: learning, knowing, thinking and reasoning.
Right now, in this journey of evolution, we are possibly somewhere between thinking and reasoning. We have crossed the stages where AI can learn, know, and think to a large extent. But the reasoning part, which is currently being developed and embedded into various AI models, is going to bring the maximum benefit or disruption to how we approach cybersecurity.
At a high level, AI is enhancing the current cybersecurity defense mechanisms by analyzing large amounts of cybersecurity telemetry. With advancements in computing, we can now analyze large quantity of data from software, algorithm and hardware perspectives. This has led to the automation of threat detection, threat response, and threat intelligence – three critical areas in cybersecurity.
The other outcome is to be able to run predictive analytics, thus allowing detection of malware or any adversarial actions without manual intervention. All of this has significantly improved the posture of enterprises and organizations from cybersecurity and risk viewpoints.
Pallavi: Thank you, Shiva. In your extensive career, what do you consider the most significant advancements that AI has brought to the cybersecurity landscape?
Shivaprakash: Apart from what I already mentioned, which is the ability to analyze huge volumes of telemetry, the most significant impact and advancement that AI is bringing to the cybersecurity industry is to be able to bridge the talent gap in the cybersecurity industry much more quickly and much more efficiently than we have done in the past. Be it in terms of AI augmenting existing cybersecurity resources or training existing cybersecurity resources (personnel) or spreading cybersecurity awareness, the possibilities with newer AI models and versions are significant for addressing the talent gap in this industry.
Pallavi: Thank you, Shiva. What are some of the challenges that organizations might encounter when integrating AI into their cybersecurity measures?
Shivaprakash: The integration of AI in cybersecurity is happening at three layers. The first is the technology layer, where AI integration has been happening for the past decade or so and will continue to evolve and expand. The other two layers where AI integration is now beginning to take place are the people layer and the process layer. Because once we start using AI or AI-assisted technologies to augment our skills, our people, or automate repetitive processes in cybersecurity, challenges around privacy, transparency and explainability will arise.
To give you an example, if I am using any cybersecurity technology that performs automated threat detection based on AI, machine learning, and deep learning, the relevant people will get an alert. As of now, these people will consume the alert, act on it, and provide a trail of actions taken and the reasons behind those actions. So, the transparency, explainability and privacy aspects are getting covered by the people. However, going forward, once we start augmenting or replacing people and processes with AI-assisted technologies, which is where the biggest challenge will emerge. I expect that regulations and other guardrails will evolve to ensure that such concerns are addressed.
Pallavi: Thank you, Shiva. Could you share some successful examples of AI implementation in cybersecurity from your experience?
Shivaprakash: One example is the automation of threat detection at the network level. If we go back 15 to 20 years, all network anomaly detections or anomalous behavior detections were rule-based. This meant we depended on the type of rules we set to detect any kind of anomalous behavior at the network layer or in other layers of the Information Technology (IT) landscape. But now we have technologies that leverage deep learning and machine learning to analyze such patterns and generate alerts based on anomalous behavior in the network traffic. This shift has reduced our dependence on people and static rule-based systems, moving us to a dynamic and continuous monitoring.
I will give you another example of something that we are doing internally in EY as we build our own intellectual property (IP) around AI and use it to improve our cybersecurity posture. If you look at the total number of vulnerabilities discovered every year and the total accumulated vulnerabilities in the National Vulnerability Database (NVD) or the Common Vulnerabilities and Exposures (CVE) database, they run into hundreds of thousands.
To map them, give them a description, understand the impact and suggest countermeasures is a humongous exercise if done manually. But with AI-assisted semantic learning, understanding the language in which the description is written as if it was a human, and then translating it into a countermeasure and impact analysis has shortened the time to do this exercise from one year to 15 days.
This is the kind of impact AI has on improving our cybersecurity posture – not only from the perspective of detection, but also how quickly we can build countermeasures.
Pallavi: Thank you, Shiva for sharing such successful examples. How do you envision the future of AI and machine learning in combating the evolving cyber risks?
Shivaprakash: In terms of evolution, we expect to see the biggest impact over the next three-year to 36-month period, and it will follow a maturity model. But we will see a lot of repetitive tasks that are done in the cybersecurity domain, either augmented to a very large extent by AI or completely eliminated and taken over by AI.
That is where the entire agent architecture comes in, where a lot of testing that was people-based and tool-based, has been automated into an agent-based architecture built on AI. This will allows continuous testing without involving people or their respective skills. This transformation will have a huge impact from an automation perspective, including how much time we take to detect, respond and recover from an attack.
The next phase of evolution and impact will be on how we measure cybersecurity performance management at the enterprise level, and what metrics we use to measure the organization’s cybersecurity maturity. These two areas will witness a significant impact in the next 18 to 36 months.
Pallavi: Thank you, Shiva. For our listeners who are cybersecurity professionals, what skills should they focus on to effectively work with AI-driven security tools?
Shivaprakash: Apart from the standard subjects that we need to have a grip on, including applied mathematics or computational mathematics, coding or programming (particularly in Python), a good control over machine learning and deep learning – are the subjects mandatory for cybersecurity professionals today, especially for people looking to upgrade their skills to work with AI-assisted products or technologies completely driven by AI.
Going forward, another important aspect is that people must start exploring newer applications of AI that could impact cybersecurity. For example, they should build skills on graph databases, vector databases, understand how they work, and then progress towards learning about graph neural networks, which will have advanced applications in cybersecurity technology from an AI perspective.
Pallavi: Thank you, Shiva. That brings us to the end of this episode. Your insights have been incredibly enlightening. Your technical knowledge serves as a guiding light in the complex and ever-evolving landscape of AI in cybersecurity. Thank you so much for your time and sharing your knowledge with us and our listeners.
Shivaprakash: It has been my pleasure, Pallavi. Thank you for your time and thank you for having me on this podcast. I am glad to contribute to this vital discussion and look forward to helping organizations adopt AI with the safety, transparency, and privacy from a cybersecurity standpoint.
Pallavi: Thank you to all our listeners for tuning in to today's episode. We hope you have gained a deeper understanding of AI’s pivotal role in cybersecurity and how it is shaping our digital defenses. Join us next time for more discussions on the latest topics in cybersecurity. Until then, stay informed and stay secure. This is Pallavi, signing off.
If you would like to listen to our podcasts on the go:
Discover how EY's cybersecurity, strategy, risk, compliance & resilience teams can help your organization with its current cyber risk posture and capabilities.
Discover how EY's identify and access management (IAM) team can help your organization manage digital identities for people, systems, services and users.
