CXOTtoday engaged in an exclusive interview with Kunal Anand, Director of Technology and AI at F5
- In today’s landscape, businesses are facing a “complexity tipping point” in their IT infrastructure. Could you shed some light on the challenges businesses face when it comes to cybersecurity? How can they protect themselves against such challenges?
In today’s rapidly evolving digital landscape, businesses are facing a “complexity tipping point” in their IT infrastructure, leading to numerous cybersecurity challenges. The proliferation of APIs has created new attack surfaces, while the implementation of artificial intelligence (AI) raises concerns around data governance and security.
Many organizations overlook the critical importance of AI governance in maintaining customer trust while delivering high security standards and excellent digital experiences. To address this issue, businesses should consider investing in AI centers of excellence and recruiting IT professionals with specialized expertise to drive the safe adoption of AI.
As the use of AI increases, so does the challenge of protecting the large amounts of data generated, whether in transit or at rest. This amplifies the need for robust data security strategies that can protect sensitive information in various environments. Failing to address these risks could undermine the very foundations of AI-driven innovations, making comprehensive security frameworks a key priority.
Global IT outages have also led business leaders to seek solutions that protect their IT infrastructure, data and applications. It is therefore imperative for organizations to adopt secondary and tertiary providers in their technology stack to ensure business continuity despite large-scale device and infrastructure shutdowns.
To guard against these challenges, businesses must adopt a multifaceted approach. Implementing a Zero Trust architecture, leveraging AI-based security solutions, and improving AI governance are crucial steps. Improving data security through encryption and regular audits is essential, as is ensuring business continuity through robust disaster recovery plans.
API security requires special attention, including strong authentication and regular testing. Employee training remains an essential element in maintaining a secure environment. Adopting comprehensive security frameworks provides a structured approach to cybersecurity.
- The advent of AI and ML has introduced sophisticated security threats. What are the specific challenges posed by these technologies and how can businesses effectively counter them?
The rise of AI and machine learning has introduced sophisticated security threats as well as powerful defensive capabilities. AI-powered attacks can now mimic human behaviors, resolve CAPTCHAs, automate vulnerability discovery, and execute highly targeted phishing campaigns. This development challenges traditional signature-based security systems, requiring a transition to AI-based defenses.
To counter these threats, businesses are increasingly adopting AI and ML-based security solutions. For example, organizations in India have a 16.5% adoption rate of these technologies to improve their security infrastructure. Advanced web application firewalls combining signature and behavioral protection with AI techniques are becoming essential. These systems can better identify bad actors and protect against evolving threats.
Companies are also implementing web application and API protection (WAAP) services that use AI and ML to monitor and mitigate potential threats. This approach enables continuous learning and adaptation of security systems, essential to keep pace with AI-based attacks. Additionally, improving employee training to recognize sophisticated phishing attempts and developing comprehensive AI governance frameworks are critical steps to protecting organizations against these new challenges.
- While AI has paved the way for cyberattackers, it is also revolutionizing the way businesses operate today. How should businesses prepare to leverage these technologies for both offensive and defensive security measures?
AI is rapidly transforming offensive and defensive cybersecurity measures. On the offensive side, AI can revolutionize vulnerability identification, simulate sophisticated attack scenarios, and improve threat hunting with unprecedented precision. On the defensive side, AI-powered security tools provide real-time monitoring, anomaly detection and automated responses, enabling cybersecurity teams to neutralize threats quickly and accurately.
To effectively leverage these technologies, companies must create AI centers of excellence and train AI-competent IT teams. This approach ensures the secure and responsible integration of AI into organizational infrastructure. Generative AI, in particular, is becoming indispensable for automating complex tasks, generating content, analyzing data, improving decision-making, and creating personalized experiences.
Widespread adoption of AI tools is evident: 83% of employees in India are already using them, according to a Deloitte report. However, this trend also raises concerns about intellectual property theft via automated content scraping. To mitigate these risks, organizations should implement proactive measures such as authentication walls to protect their data.
- Could you tell us how F5 helps businesses manage IT complexities in the AI/ML era and improve their security posture?
F5 actively helps businesses manage IT complexities in the AI/ML era by using machine learning models for anomaly and bot detection. We also deploy deep learning models for behavioral detection to counter sophisticated AI-based cyberattacks that can easily bypass traditional security systems.
Our approach extends to creating intelligent AI-driven services that leverage vast data sets from F5 products. These services provide valuable insights and enhance automation, enabling our customers to make more informed decisions and take faster actions in response to security threats.
By combining advanced ML techniques, deep learning and AI-driven analytics, F5 provides comprehensive solutions that help businesses improve their security posture and stay ahead of evolving challenges cybersecurity in today’s rapidly evolving technology landscape.
- F5 recently launched its 2024 Strategic Insights: API Security in APAC report. Can you shed some light on the key security solutions that are currently a priority for Indian businesses? How do these solutions address the unique challenges facing the Indian market?
The use of application delivery and security technologies is skyrocketing and to assess the current API security landscape in the Asia Pacific region, F5, in collaboration with Twimbit, conducted an in-depth survey for the Strategic Outlook 2024: API Security Report in APAC. The survey involved 297 professionals from various industries, including security, DevOps, SecOps, and application development, across ten countries in Asia Pacific. Through this report, we found that broken authentication and server-side request forgery are the top security concerns for Indian organizations, with a focus on the following security solutions:
- API security testing, access control and runtime protection for comprehensive API security: In India, API security testing is the top priority, with 57% of respondents considering it a top concern. API access control, including authentication and authorization, is another key priority, highlighted by 47% of respondents.
- Code Security Solutions: Code security solutions are the most adopted API security solutions in India, with an adoption rate of 18%. This highlights the importance of secure coding practices and static code analysis to prevent the introduction of vulnerabilities during the development phase. By integrating code security solutions with AIML technologies, businesses can proactively identify and resolve potential security issues, ensuring a secure end-to-end API environment.
- API Gateways: API gateways play a crucial role in India’s API security strategy, with an adoption rate of 16.5%. Using API gateways helps manage and secure API traffic, providing essential controls for access and consumption, which is essential given India’s significant use of RPC APIs (43%) and REST (43%).
- AIML solutions for complete protection: AIML solutions are another key focus for India, with an adoption rate of 16.5%. The increased adoption of AIML solutions demonstrates India’s proactive approach to leveraging advanced technologies for comprehensive threat detection and prevention, ensuring robust security measures in dynamic API environments.
