Businesses need to rethink network security as AI adoption progresses
By Carmelo Calafiore (pictured), ANZ Regional Director at Extreme Networks
The network is the backbone of efficient business operations, connecting employees with core systems and servers so they can work, and customers with front-facing services so they can transact.
Our reliance on the network has only increased over time. Today, businesses rely on it to connect to a range of as-a-service, cloud and third-party services that increasingly power or augment operations.
Networks have also become more expansive over time so that businesses can interconnect with all of these new and emerging third-party cloud and Artificial Intelligence (AI) services that promise to unlock capability improvements and efficiency dividends.
The strategic shift towards Software as a Service (SaaS) solutions may be motivated by sound operational and business considerations, but it’s also adding complexity to core business processes and data handling practices. Businesses have to understand how third party-hosted data, such as the personally-identifiable information of their customers, is secured, both in transit and at its destination.
At the same time, organisations are in the midst of a mass move towards Artificial Intelligence (AI) and Large Language Models (LLMs). AI is flooding networks with bigger data and higher-value datasets, and it relies on those datasets to learn and provide value.
While AI tools exist in a variety of forms, they are also typically accessed via the public Internet. Depending on setup and configuration, AI services require a “doubling-down” on data and network security to safeguard business operations and assets from elevated risks these innovative, technology-led approaches bring.
Cloud and AI-destined businesses are finding that a more proactive approach to network control and management is needed to allay third-party risk and to operate securely in newer digitally-enabled worlds.
AI’s double-pronged impact
As artificial intelligence accelerates into the workplace with its new innovative prospects, it is important to recognise the risks it poses.
AI models are data-hungry. They require large amounts of production data to train in the first instance, and then an ongoing, real-time stream of data to ‘learn’ from and improve their accuracy over time. How that data is secured – in transit between the data source and the model, and at rest when not being called upon – needs to be carefully considered and addressed. With this in mind, it is important to educate employees on AI usage guidelines and the potential data exposure risks to ensure that businesses stay protected.
It’s not only the business itself that can benefit from the AI boom. Threat actors are also increasingly availing themselves of AI and using it as a tool to automate more targeted and unique attacks against business networks, making them far more efficient and impactful. Whilst Machine Learning (ML) algorithms enable attackers to pinpoint vulnerabilities efficiently, AI tools can further automate malicious activities like phishing and malware.
What’s more, there is also now the ability for bad actors to purchase pre-coded ‘cyber-attacks as a service’ on the dark web. This accessibility means that executing cyberattacks no longer demands advanced hacking skills; individuals can simply buy these pre-coded services. Coupled with easily accessible AI algorithms and knowledge and this means that virtually anyone can launch an attack on a business.
Updating network security for the cloud and AI age
To combat the growing sophistication of cyber threats in businesses embracing cloud and AI-powered services, network defences should be fortified with robust security measures to safeguard valuable data and assets.
A range of advanced technologies can be deployed to assist businesses in staying secure and protecting their networks data and operations from evolving threats.
Visibility is key to a good security control framework. You can’t control, monitor or manage what you can’t see. Good integrated management tools are critical to any control solution. AI might be part of the challenge for businesses, but in a network-specific context, it may also be part of the solution as well. Management tools that leverage AI can be used to enhance network security and efficiency by reducing false alarms. The best options offer explainable AI insights for proactive risk mitigation and learn from network activity to continuously improve recommendations, facilitating seamless support integration for quicker issue resolution.
In addition to visibility, Zero Trust Network Access (ZTNA) can be used to enhance security by regulating users, applications, and devices, extending the network’s protective capabilities. ZTNA establishes identity-driven access boundaries, offering an extra security layer that is especially beneficial for organisations with multiple locations and surpasses traditional firewall or network access control methods.
Many organisations are also starting to recognise the value of a fabric-based network architecture, where IT teams can create multiple discrete virtual networks. Because fabric technology can integrate thousands of connected devices and diverse elements while keeping network traffic separate, it’s easier for administrators to manage the network while preventing lateral movements and limiting risks related to the network edge or IoT devices.
The key here is a holistic approach which maps and monitors the entire network of the business. Integrating real-time threat detection, incident handling and ongoing learning technologies like the above can substantially bolster a business’ security resilience and reduce attack vulnerabilities. Done correctly, enterprises can create a unified and flexible network architecture that is sufficiently flexible to meet the demands of modern digital environments.
Ultimately, while AI might in the long term actually assist businesses in increasing their security posture, enterprises still need a plan to handle it carefully and, as a result, network security should not be viewed as an add on or after thought. It needs to be a core part of the infrastructure as businesses navigate a dynamic journey that demands readiness to contain, respond, and restore in the face of security breaches. In 2024, more than ever, it’s time for IT leaders to set their north star on networks through the best tools available.