Penetration Testing Is A Vital Tool To Deal With AI-Based Attacks 

Uploaded on 2023-06-19 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Penetration testing is one of the best ways a business can understand its risk posture. Vulnerability management, architecture reviews, auditing, gap assessments and many more techniques are staples of defence.

However, pen testing - in which simulated threat actors exploit a system’s vulnerabilities to teach the company how to correct them - has always held its own as a unique gauge to help match defences to the realities of attacks today.

Enter AI. Having taken the world by storm in the last few months, the cybersecurity community is expecting a vast increase in the number of attacks powered by AI. The technology democratizes cybercrime, making highly sophisticated tactics, techniques and procedures (TTPs) available to all with minimal investment of time or money. 

To counteract this oncoming storm, penetration testing can indicate the best ways to defend, remediate and recover in the light of these new, AI-inspired and AI-powered attacks. Here’s how. 

Beating AI Threats Requires The Right Goals 

It might come as a surprise to some business leaders to learn that penetration testing and vulnerability assessments are not two sides of the same coin. In fact, while the latter is static and lacking in context, the former is designed to uncover fundamental business risks by manually testing an organization’s defensive posture to steal data or achieve a level of unauthorized access.

What this means is that identifying surface-level vulnerabilities is by no means the purpose of an ethical hacker’s investigation. Instead, it’s all about the business consequences of allowing an adversary to walk through the doors that vulnerabilities open. As a result, ethical hackers need goals around targeting those specific areas, to measure the organization’s level of cyber resilience and reveal how pockets of low-risk vulnerabilities can combine to create an overarching high-risk scenario that puts their business in jeopardy. 

Share Your Pen Testing Results With The C Suite

The distinct illumination and reassurance afforded by penetration testing also helps demystify the complexity of the cyber threat landscape, translating cyber risk into actionable business terms that better resonate with the C-Suite and Board. Actual illustrative stories from recent penetration testing engagements make it much easier for cyber resilience leaders to articulate risk in a way that fosters collective buy-in across corporate leadership to ensure security remains a top organizational priority. 

It's important to remember that regardless of a penetration testing program’s effectiveness, grey areas and precarious judgement calls relative to risk prioritization will always exist. Penetration testing helps ensure CISOs can come to the most informed decision possible. Otherwise, they are taking a blind shot in the dark at what their real business risks are.  

Bring Red & Blue Teams Together For Best Results

Just as cybersecurity is a team sport, so too is penetration testing. Red team exercises involve a “red” offensive team, along with threat hunters and SOC analysts as the “blue” defensive team. And just like we all learned in elementary (and cybersecurity) school, fusing both together creates the color purple. 

The concept of purple teaming is often mischaracterized. It isn’t a singular team of offensive experts and hunters all operating together in unison. Rather, it’s a verb in this context that describes how red and blue sides can collaborate to expand knowledge, sharpen strategy, and boost operational efficiency. And while it’s less obvious at the surface level, blue can help red just like red helps blue. 

Collaborative intelligence sharing, for example, provides further perspective to ethical hackers on how a particular TTP was identified. That way, the red team can adjust their approach for the next attempt to ensure it’s more lethal, which in turn makes the blue team stronger. Consider it like iron sharpening iron -  ultimately everybody benefits. 

One of The Best Defences Against Weaponized AI

Despite calls from industry leaders to slow down the rate of AI innovation, business leaders would be mistaken to believe that they can rest on their laurels for the time being. Unbeholden to regulators or stakeholders, threat actors will be innovating as we speak.

Penetration testing is a key part of the toolkit of any CISO today. Alongside purple teaming, prioritizing risks correctly, and defining goals effectively, pen testing can help organisations get ahead of malicious actors by understanding their own threat landscapes. Only this level of visibility will give businesses the necessary confidence to know their systems are safe in the age of AI.  

Ed Skoudis is  President of SANS Technology Institute and  founder of the SANS Penetration Testing Curriculum and Counter Hack. 

You Might Also Read: 

How To Leverage AI For Real-Time User Verification:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Mobile Authentication: The Good, The Bad & The Ugly
Nine Types of Modern Network Security Solutions »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Software Testing News

Software Testing News

Software Testing News provides the latest news in the industry; from the most up-to-date reports in web security to the latest testing tool that can help you perform better.

Governikus

Governikus

Governikus provides solutions for secure data transport, authentication, the use of electronic signatures and cryptography as well as for long-term storage.

Magix Security

Magix Security

Magix Security assesses the cyber threat, gives you visibility of how vulnerable your business is to attack, and provides cybercrime detection and prevention services.

Metrarc

Metrarc

Metrarc has developed a ground-breaking technology called ICMetrics™ for deriving secure encryption keys from the properties of digital systems without the need to store any of the encryption keys.

CybExer Technologies

CybExer Technologies

CybExer provide an on-premise, easily deployable solution for complex technical cyber security exercises based on experience in military grade ranges.

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

IT Search

IT Search

IT Search is a specialist IT recruitment company focusing on Cyber Security, IT Infrastructure, Software, Data, Digital Transformation and C Suite leadership positions.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

Trustifi

Trustifi

Trustifi leads the market with the easiest to use and deploy email security products, providing both inbound and outbound email security from a single vendor.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

AVEVA

AVEVA

AVEVA has a long history in providing Supervisory Control and Data Acquisition software for meeting complex and evolving automation requirements.

Beetles Cyber Security

Beetles Cyber Security

Beetles is a crowdsourced penetration testing platform designed to build a trusted, hacker-centric approach to protectan organization’s digital attack surface.

Denodo

Denodo

Denodo transforms the way organizations operate by unifying their data assets in real time and making data ubiquitous and secure to all users and business applications.

Dapple Security

Dapple Security

Dapple Security is creating cutting edge technology utilizing responsible biometrics that protects people and privacy through a first-of-its-kind passwordless platform.

Inception Cyber

Inception Cyber

Inception Cyber, the inventors of intent-based security, is leading the next generation of threat prevention for an increasingly AI-driven world.