Express Computer sits down with Sharda Tickoo, Country Manager for India and SAARC, Trend Micro, to delve into the transformative impact of AI on cybersecurity. Tickoo emphasises the potential of AI in automating tasks and reducing alert fatigue through a unified platform-based approach, citing the use of AI in Trend Micro’s flagship platform, Trend Vision One, for diverse hybrid IT environments. She highlights the challenges of securing AI systems themselves, stressing the need for a holistic approach encompassing basic hygiene, responsible AI use, and rigorous testing.
Predicting future trends, Tickoo discusses increased AI adoption by adversaries, the rise of deepfakes, and evolving ransomware threats. She commends the maturity of the Indian cybersecurity landscape, especially in sectors like BFSI and government, while underscoring the importance of compliance and cyber awareness.
Furthermore, she elaborates on Trend Micro’s strategies in the crowded security market, focusing on security consolidation, hybrid deployment models, and AI-driven solutions. She outlines the company’s commitment to innovation, citing examples like their XDR platform and cloud-native security solutions tailored to diverse client needs.
With the increasing integration of AI in cybersecurity, how do you see AI transforming threat detection and response mechanisms?
AI is rapidly being adopted in businesses, significantly enhancing cybersecurity efforts. It can automate tasks, prioritise alerts, understand an organisation’s risk profile, and identify areas needing remediation. At Trend Micro, we have been leveraging AI and machine learning since 2005. Our flagship product, Trend Vision One, is a unified cybersecurity platform that utilises AI to automate tasks traditionally performed by analysts, such as managing chatbots and decision-making processes. Overall, AI enhances real-time anomaly detection, automates incident response, and provides comprehensive threat intelligence. It reduces human error, scales to handle vast data volumes, and adapts to emerging threats through continuous learning. This ensures quicker, more accurate responses and a balanced approach to security, alleviating the burden on SecOps teams while providing valuable insights and enhanced visibility.
What are the cybersecurity challenges specific to protecting AI systems themselves?
As AI adoption continues to grow, securing AI infrastructure is becoming increasingly critical. AI systems face various challenges, including data poisoning, AI hallucinations, and adversarial attacks. A holistic approach is essential to tackle these challenges, as there isn’t a single product that can address all AI security needs. This involves securing training data, preventing inputs that could compromise the model, ensuring responsible AI use, and guarding against jailbreaking attempts. Additionally, organisations must monitor AI outputs to prevent data leaks and maintain compliance.
What are the key cybersecurity trends you foresee emerging over the next 12 months?
Over the next 12 months, the cybersecurity landscape will evolve significantly, driven by several key trends. AI usage will continue to rise, presenting new challenges such as increased AI-driven cyberattacks, including sophisticated business email compromises and deepfakes. Ransomware attacks are expected to become more advanced, with Linux systems becoming a prime target. Additionally, data will be weaponized against cloud-based machine learning models, compromising their integrity and reliability. Blockchain is likely to emerge as a new battleground for extortion schemes, leveraging its perceived security to exploit vulnerabilities. These trends highlight the need for proactive and adaptive cybersecurity strategies. Consequently, CISOs will need to prioritise understanding and securing AI adoption, enhancing visibility, and consolidating security technologies within their organisations.
How has generative AI revolutionised the cybersecurity landscape for organisations, and what are the pros and cons of leveraging generative AI?
Leveraging generative AI in cybersecurity offers substantial benefits. It enhances cybersecurity effectiveness by mitigating alert fatigue, automating repetitive tasks, and enabling deeper analytical insights. Moreover, it supports proactive defence strategies through advanced threat hunting and vulnerability assessments, thereby pre-emptively addressing potential cyber threats.
However, there are inherent challenges to consider. AI models may generate false positives or negatives, potentially causing unnecessary responses or overlooking genuine threats. Over-reliance on AI systems poses a risk of reducing human oversight and critical decision-making capabilities. Furthermore, AI technologies themselves are susceptible to adversarial attacks, which could exploit vulnerabilities and compromise cybersecurity measures.
Given these considerations, the responsible adoption and management of AI are paramount to mitigating security risks such as AI-driven attacks and data breaches. Organisations must implement robust strategies that balance the benefits of AI with rigorous safeguards to maintain cybersecurity resilience.
How crucial is education in fostering a culture of cybersecurity among businesses in India, and what awareness initiatives do you recommend?
Ensuring cybersecurity awareness is crucial, with a strong emphasis on educating employees to identify phishing emails, deepfakes, and other emerging threats. Initiatives such as phishing simulation campaigns play a pivotal role in assessing and enhancing employee awareness within organisations. At Trend Micro, we prioritise this through internal training sessions tailored to educate our staff effectively. It’s essential to integrate cybersecurity awareness seamlessly into all technology solutions, cultivating a culture of cyber vigilance across the organization. This proactive approach not only fortifies defences but also empowers employees to confidently navigate today’s digital landscape.
How do you differentiate in the crowded security market with innovative products and solutions?
With over 35 years of experience in cybersecurity, Trend Micro stands out as a stable and trusted organisation with a strong legacy in cybersecurity. Despite the changes in the industry landscape over time, we have consistently upheld our position as a trusted leader. One of our key differentiators has been our pioneering work in driving conversations around XDR when the industry was primarily focused on EDR and also integrating our XDR solution into our flagship platform, Trend Vision One.
We have also embraced cutting-edge technologies like generative AI through our security assistant, Companion, which consolidates and provides comprehensive visibility across the entire attack surface, enabling organisations to proactively detect and respond to threats. Moreover, we specialise in tailor-made security solutions for emerging companies, ensuring that organisations across sectors benefit from our expertise in securing AI systems and staying ahead of industry trends.
Are there any potential sectors where you see traction or opportunities for Trend Micro?
As organisations, irrespective of sector, are moving to digital, cybersecurity is becoming increasingly critical, and therefore the need is substantial. In India, Trend Micro has built a strong presence in both private and government organisations and is serving a diverse range of industries, including IT, ITES, BFSI, defence, manufacturing, and digital-native companies (DNE). We are witnessing a significant growth in DNEs since they are inherently cloud-native and therefore ready to function within the SaaS framework. They are also agile and swift in adopting new technologies and cloud security measures and are growing rapidly, which indicates that their security needs are also growing with scale.
BFSI, defence, and government organisations are also demonstrating substantial investments in cybersecurity, with industries such as oil and gas and power utilities increasingly prioritising cybersecurity due to the integration of IT and operational technology (OT).
In India, hybrid deployment is popular, as several large customers are opting for a phased approach and are still cautious about moving to SaaS. Trend Micro offers multiple deployment options to cater to the distinct needs of these diverse systems and enables them to deploy our solutions according to their needs and timelines. Our objective is to address their immediate business needs and also raise awareness of the continuously evolving threat landscape.
What are Trend Micro’s future plans or tech priorities for the next year?
In the India and SAARC markets, our strategic focus revolves around the seamless transition of all our customers to Trend Vision One, our flagship platform. We aim to streamline their security consolidation efforts and provide them with a unified view of their security posture. As part of this initiative, we are also offering complimentary access to Trend Vision One Essential Access to all our customers, allowing them to experience the benefits of our platform and recognise its value in enhancing their security operations.
Additionally, we remain committed to advancing AI capabilities for cybersecurity. We recognise its importance in combating evolving threats, and we are dedicated to ensuring secure AI tool usage and promoting responsible practices.
Trend Micro remains steadfast in its mission to continuously innovate, adapt to emerging cybersecurity trends, and meet the evolving needs of its valued customers.