Today, Generative AI (GenAI) is redefining our understanding and perspective on cybersecurity. It is a double-edged sword that, on one hand, has complicated the entire threat landscape with sophisticated attacks and on the other poses an effective defense for the same. Considering the rising need for further complex of cybersecurity solutions, Data Security Council of India (DSCI) and Amazon Web Services (AWS) joined hands to enable Indian cybersecurity startups to leverage the power of GenAI and enhance their solutions effectively.
In an exclusive interview with Express Computer, Vinayak Godse, CEO at DSCI and Sundar VG, Director for Business Development, AWS India, elaborated on the evolving cybersecurity scene and shared much-valued insights on the startup ecosystem in the country.
How critical is GenAI for the cybersecurity sector? Can you shed some light on the DSCI and AWS partnership?
Vinayak Godse: If we look at the cybersecurity ecosystem or the technology ecosystem, on the whole, it is vibrant and dynamic. While we talk much about GenAI lately, it has a lot of play in cybersecurity as well. Hence, we have been following how the global ecosystem is looking at GenAI to solve cybersecurity problems. We started putting our attention to the patents getting filed and started looking at what companies in India are doing. This was one of the reasons why we thought about creating this cohort of companies that want to build on GenAI. As a part of this cohort, there are largely startups and some product companies. Besides, there are some user companies like banks that want to explore such a setup.
We are looking to help them with use cases we have aligned with the context of what they are building, how they are building, and what kind of support they need from us. An important support to these companies are mentorships and how to use compute for cybersecurity. And, once they build it, how to take it to the market. This vision formed the basis of AWS and DSCI’s partnership. This is critical because countries are already talking about cybersecurity and AI. Security of AI is one part but AI for security is a very interesting element that we are building and with this we will catch the trend early in terms of building this capability and if we build with AWS, the go-to-market strategy will be absolutely easy.
How many startups have you been able to rope in yet? How is it going? Also, are they going to be more deep tech or quantum-based startups or they are into cybersecurity?
Vinayak Godse: There are seven to eight quantum-based startups that we have, but here I’m trying to get those into focus who are largely augmenting their technology using GenAI. Today, people look at GenAI as the new antidote for cyber threats, nevertheless, it has its own set of pros and cons. The cybersecurity industry opens up new chapters and possibilities with AI.
AI models can be of great help in three areas majorly, when it comes to cybersecurity. Firstly, it can process the data effectively and timely creating a positive impact on your efficiency and productivity. Secondly, it can impact the coding level. While using a mature model it can detect any discrepancy or any malicious software at the code level. The third is detecting the fraud size. It’s important because getting the context and processing that context to identify the modus operandi becomes easy with AI machinery in place. However, the matter of concern is that the attackers would not have any constraint to use Al in a regulated fashion or for ethical purposes only. Whereas industry is too concerned and too regulated that they are worried not to use AI in industry environments. This is an asymmetry that we are observing. Hence, bad actors may be very aggressive to use it, while good actors may be constrained to not use it.
Sundar VG: We bring a deep understanding of how startups work. What do their founders think? What do their CTOs think? What do their CPOs think? Second, we have experts who help with training startups on how to use some of AWS’s building blocks and train them on architectural fundamentals, security fundamentals, etc. Third, we provide credits for them to build. And, the fourth aspect is we provide them go-to-market support once the product is built. So this is the overall value that we bring to the table. Moreover, we periodically help them review their architecture. So we conduct what are called WARs – Well-Architected Reviews – where there are five pillars to the review, including security and cost. Besides, it takes into consideration things like resilience, productivity, and so on. These startups grow up and become mature digital natives, eventually, they might even become large enterprises but they tend to continue to build with us and that’s for us the proof of the pudding.
How do you see the impact of the rising use of GenAI in cyberattacks on our security scenario and how can we be better geared up with GenAI in defense?
Vinayak Godse: The extent of GenAI adoption that we see today has a few limitations because there are still accuracy issues. Many of the use cases at present are largely to build capacities, but going forward with the onset of CloudAI you will be able to deploy GenAI models to make decisions as well. When security comes into the picture, we still have people making enforcement decisions. Lately, we have witnessed the use of precision AI in decision-making for cybersecurity aspects. Eventually, it will be replaced by GenAI. We are seeing loads of investments in GenAI.
If we consider some solid use cases of GenAI in the area of cybersecurity, one of the key initiatives will be a multi-agent system, developed by one of the startups under our cohort. You take multiple actions back to back to ensure comprehensive security and enforcement while aligning with all the compliances. A multi-agent system can come in handy here. Today, people are building AI-powered agents that are experts in various areas like data processing, running applications, and understanding ransomware. So these expert agents will connect with your agent and work in tandem to help you to take informed action. We will see this happening in the coming two to three years.
Sundar VG: Another interesting use case is strengthening security by design. Today what happens is typically when you design a system and architecture, you first build and then you go for penetration testing by ethical hackers. However, in AWS, we have always believed in building robust security from the first day so that we are not entirely dependent on our reactive testing. One of the things that we would probably see coming is threat modeling. At the design stage where you have a specification, an approximate architecture diagram, and the data flow diagram, you can feed that into a large action model. The model in turn analyses and flags potential threats your architecture is likely to face. Moreover, it helps in devising a game day plan. However, this is like a prediction and nothing exists at that point in time. So, how do I generate documentation out of that? Through such models, we can generate synthetic data. Hence, even before you put a real plan in place, you can have a fairly good assessment of what could go wrong and how to gear up your architecture accordingly.
Do you think GenAI can close vulnerabilities and evolve with the threat landscape? Also, can threat modeling or scenario planning give us an edge over threat vectors?
Vinayak Godse: Whenever there is a vulnerability, even for a brief moment, it is likely to be widened and leveraged. Considering the multiple applications running at a single point in time including third-party applications, speed of action plays a key role in inhibiting the exploitation of any vulnerability. As we are talking about threat modeling or scenario planning, likewise threat vectors must also be gearing up their tactics and strategies.
Here comes the role of the AWS platform. AWS’ huge industry presence and wide network of customers serve as a source of intelligence for them. This data load gives an edge to AWS over the others, including the threat vectors which probably are individuals or small groups. The upper hand in data is making this capability available for startups and other organisations leveraging the platform to build security solutions.
Sundar VG: There is, of course, the network effect that Vinayak mentioned about AWS wherein as more players come on to the platform the more the breadth of experiences we get which we can then flow back into the product. However, while working with DSCI, we were able to get connected with startups that can help us crowdsource ideas. Moreover, we have something called a Mad Pod where we capture all of those events that we were referring to and look for patterns basis which we then go back to and create additional controls. Besides, capturing the data from Mad Pod and analysing it, we work at the edge to capture real-time instances and try to come up with apt solutions to stop or prevent any attack. In the yesteryear, we were able to prevent over 200 thousand events, thanks to this tool.
What has been the achievement of this partnership yet? To what extent have you been able to deliver on bettering defense against cyber menaces?
Vinayak Godse: Over 400 startups are working as a part of the cohort leveraging our experience and data points to build cost-effective and easy-to-deploy security solutions. Now, we need to look at how to democratise security.
People have been leveraging the cloud to develop capabilities and share it across the globe. Cloud is one such example wherein many enterprises have put their trust in sharing their datasets more securely than the conventional internet models. However, with the onset of AI, especially GenAI, the threat landscape has evolved dramatically. This calls for a dire need to democratise security solutions and spread awareness. Therefore, a new paradigm is shaping up and we are there at the forefront of creating those much-needed capabilities to evolve with the changing paradigm. That’s the effort we are putting in.
Sundar VG: Meanwhile, there are many ways to measure success. For me, the best proxy is the fact that today we see organisations that were earlier nervous about security, are comfortable using the cloud because today hyperscalers and cloud providers are upgrading security ensuring safe transactions and storage of data.
In terms of AWS, startups and bigger enterprises are building new capabilities in the cloud leveraging our components as the building blocks and building on top of it. This gives us the confidence that people who are experts in this field, if they are willing to use our building blocks to secure their solutions then we know we are doing something right.
You just mentioned that “democratisation of security is highly important”. Do you think through startups connected with you or through the training and awareness programs under this partnership, you will be able to reach the citizens at the grassroots level?
Vinayak Godse: There are two approaches to this. First, some people are not able to invest, possibly like end users. In that case, we need to find a way to have security in place without burdening them with expensive anti-viruses or any additional security solutions. Ideally, we should ensure that we build systems with in-built security by design.
The second is at the aggregator level. If you are taking the internet service, the internet provider itself takes care of security issues. Similarly, a cloud provider offers in-built security and the enterprises using it add layers of security to safeguard their data further. Hence, in this case, enterprises deploy solutions like firewall.
Sundar VG: Further, when it comes to cost, cloud providers are also reducing their cost of working with their customers. At AWS, our focus has always been to try and continuously spin our flywheel faster so that we bring down our marginal cost and then pass that on as a benefit to our customers. So when we lower prices, it is because we have this flywheel concept internally. We use it in every part of Amazon’s business.