Cybersecurity Experts Advise on Preparing for AI-Based Attacks

In the face of AI-powered cyber attacks, three Texas-based cybersecurity experts stressed the importance of infrastructure resilience, data accuracy and incorporating AI into security architecture during a panel on data governance at the Texas Association of State Systems for Computing and Communications (TASSCC) State of the State Conference on Dec. 1.

Moderated by Texas A&M University CISO Danny Miller, the panel of experts included Info-Tech Research Group Security Technical Counselor Bob Smock, Austin Deputy CISO Wendi White and Texas Military Department (TMD) CIO Jeremy Sereno.

Sereno emphasized infrastructure resilience, which involves making the proper preparations to fully recover and continue operations in the midst of a cyber attack. According to Sereno, rehearsing various scenarios and building partnerships are key to making sure an organization can recover as quickly as possible.

“Look for the help,” said Sereno. “Look for those managed service partners. Look for the state and local resources, whether it's county or adjacent cities if you're a smaller city around a bigger city, and build those partnerships so it's not just you taking on the world.”

White pointed to strategic planning as an aspect of enterprise architecture that will need significantly more investment to help identify additional risks introduced by the Internet of Things.

“The city of Austin provides services across 10 critical infrastructure sectors, many of which are managing industrial control systems, and an increasing number of which are leveraging the Internet of Things for management and telemetry to aid in monitoring,” said White. “On the basis of having expanded that technology adoption, we're also finding that in order to consume that information in a meaningful way, we're having to make all of that information more interconnected. As a result of that, you're creating more points of contact between what were previously isolated systems that can be locked in a very familiar manner. As we are introducing these new points of interconnection we are creating risks.”

Smock named five security priorities for 2024: strengthening the cybersecurity workforce through upskilling, modernization, regulatory changes, securing the software supply chain and incorporating advanced technologies into architecture, specifically artificial intelligence.

“We, as security professionals, have to start incorporating AI into our defensive posture, into our security architecture. Why? Because the bad guys are already using AI-based attacks,” said Smock. “Our research tells us, our trend prediction over the coming year, is that within this next year, the vast majority of all successful cyber attacks will meet the criteria for a zero-day event. Think about it, that's pretty scary. It means ... attacks never been seen before. They're going to start coming like that. Our old worn-out processes, if they're still manual, if it's legacy technology, if it's started to obsolesce, [aren't] going to be able to keep up. This isn't about improving our own processes through a better cybersecurity workforce. This is about incorporating the same tools the bad guys are using to defend ourselves.”

Other panels at the TASSCC State of the State Conference saw chief data officers discuss data governance in preparation for AI and state Rep. Giovanni Capriglione's call for increased state agency use of AI.