Penetration Testing Is A Vital Tool To Deal With AI-Based Attacks 

Penetration testing is one of the best ways a business can understand its risk posture. Vulnerability management, architecture reviews, auditing, gap assessments and many more techniques are staples of defence.

However, pen testing - in which simulated threat actors exploit a system’s vulnerabilities to teach the company how to correct them - has always held its own as a unique gauge to help match defences to the realities of attacks today.

Enter AI. Having taken the world by storm in the last few months, the cybersecurity community is expecting a vast increase in the number of attacks powered by AI. The technology democratizes cybercrime, making highly sophisticated tactics, techniques and procedures (TTPs) available to all with minimal investment of time or money. 

To counteract this oncoming storm, penetration testing can indicate the best ways to defend, remediate and recover in the light of these new, AI-inspired and AI-powered attacks. Here’s how. 

Beating AI Threats Requires The Right Goals 

It might come as a surprise to some business leaders to learn that penetration testing and vulnerability assessments are not two sides of the same coin. In fact, while the latter is static and lacking in context, the former is designed to uncover fundamental business risks by manually testing an organization’s defensive posture to steal data or achieve a level of unauthorized access.

What this means is that identifying surface-level vulnerabilities is by no means the purpose of an ethical hacker’s investigation. Instead, it’s all about the business consequences of allowing an adversary to walk through the doors that vulnerabilities open. As a result, ethical hackers need goals around targeting those specific areas, to measure the organization’s level of cyber resilience and reveal how pockets of low-risk vulnerabilities can combine to create an overarching high-risk scenario that puts their business in jeopardy. 

Share Your Pen Testing Results With The C Suite

The distinct illumination and reassurance afforded by penetration testing also helps demystify the complexity of the cyber threat landscape, translating cyber risk into actionable business terms that better resonate with the C-Suite and Board. Actual illustrative stories from recent penetration testing engagements make it much easier for cyber resilience leaders to articulate risk in a way that fosters collective buy-in across corporate leadership to ensure security remains a top organizational priority. 

It's important to remember that regardless of a penetration testing program’s effectiveness, grey areas and precarious judgement calls relative to risk prioritization will always exist. Penetration testing helps ensure CISOs can come to the most informed decision possible. Otherwise, they are taking a blind shot in the dark at what their real business risks are.  

Bring Red & Blue Teams Together For Best Results

Just as cybersecurity is a team sport, so too is penetration testing. Red team exercises involve a “red” offensive team, along with threat hunters and SOC analysts as the “blue” defensive team. And just like we all learned in elementary (and cybersecurity) school, fusing both together creates the color purple. 

The concept of purple teaming is often mischaracterized. It isn’t a singular team of offensive experts and hunters all operating together in unison. Rather, it’s a verb in this context that describes how red and blue sides can collaborate to expand knowledge, sharpen strategy, and boost operational efficiency. And while it’s less obvious at the surface level, blue can help red just like red helps blue. 

Collaborative intelligence sharing, for example, provides further perspective to ethical hackers on how a particular TTP was identified. That way, the red team can adjust their approach for the next attempt to ensure it’s more lethal, which in turn makes the blue team stronger. Consider it like iron sharpening iron -  ultimately everybody benefits. 

One of The Best Defences Against Weaponized AI

Despite calls from industry leaders to slow down the rate of AI innovation, business leaders would be mistaken to believe that they can rest on their laurels for the time being. Unbeholden to regulators or stakeholders, threat actors will be innovating as we speak.

Penetration testing is a key part of the toolkit of any CISO today. Alongside purple teaming, prioritizing risks correctly, and defining goals effectively, pen testing can help organisations get ahead of malicious actors by understanding their own threat landscapes. Only this level of visibility will give businesses the necessary confidence to know their systems are safe in the age of AI.  

Ed Skoudis is  President of SANS Technology Institute and  founder of the SANS Penetration Testing Curriculum and Counter Hack. 

You Might Also Read: 

How To Leverage AI For Real-Time User Verification:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

 

« Mobile Authentication: The Good, The Bad & The Ugly
Nine Types of Modern Network Security Solutions »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Threatpost

Threatpost

Threatpost, is an independent news site which is a leading source of information about IT and business security.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

Precise Biometrics

Precise Biometrics

Precise Biometrics develop and sell fingerprint software for convenient and secure authentication of people’s identity in mobile devices, smart cards and other products with fingerprint sensors.

Cyber Wales

Cyber Wales

Cyber Wales provides a focus and forum for everyone in the industry, helping businesses come together and collaborate both within Wales and internationally.

Intel Capital

Intel Capital

Intel Capital, Intel's strategic investment organization, backs innovative technology startups and companies worldwide. We invest in a broad range of hardware, software, and services.

BeyondTrust

BeyondTrust

BeyondTrust is a leader in Privileged Access Management, offering a seamless approach to preventing data breaches related to stolen credentials, misused privileges, and compromised remote access.

LOGbinder

LOGbinder

LOGbinder eliminates blind spots in security intelligence for endpoints and applications.

Greenberg Traurig (GT)

Greenberg Traurig (GT)

Greenberg Traurig, LLP (GT) is a global law firm with offices in 40 locations in the United States, Latin America, Europe, Asia, and the Middle East.

Action1

Action1

Action1 is a Cloud-based lightweight endpoint security platform that discovers all of your endpoints in seconds and allows you to retrieve live security information from the entire network.

Cybaverse

Cybaverse

Cybaverse (formerly North Star Cyber Security) was founded to create the perfect blend of a Managed Security Service Provider (MSSP) and a Cyber Security Consultancy in one.

Canonic Security

Canonic Security

Canonic streamlines app review, continuously monitors apps, and reduces the risks involved in third-party access to your data.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

Knowit

Knowit

Knowit support customers in the digital transformation, simplify people’s everyday lives and create secure and innovative solutions enabling a sustainable future.

CyberMass

CyberMass

CyberMass provides Cyber Advisory/Consulting, Professional and Managed Services offering complete cybersecurity as a service protection to businesses.