Cybersecurity, the watchword: automate and simplify

Let us start with a well-known concept: artificial intelligence is increasingly assuming the role of a critical infrastructure, comparable in importance to energy and semiconductors, in a context where competition between countries and industrial systems does not depend on a single factor. "Access to data, computing capacity, human capital and the supply chain are all fundamental and, above all, are interdependent on each other," explains Helmut Reisinger, ceo at the Emea level of Palo Alto Networks. We met him in Milan for the Californian cybersecurity company's 'Ignite On Tour' event dedicated to customers and partners, and he confirmed to Il Sole 24 Ore how Ai is going through a new evolutionary phase.

After the season of machine learning and the more recent one of generative tools, what is known as 'production AI' is gaining ground, i.e. systems based on digital agents capable of performing operational and transactional tasks. Having said that an advanced computing infrastructure may not be enough if there is a lack of data to work with (and talent that can handle it), the onward race of artificial intelligence increasingly elevates the centrality of security as an enabling factor. "Having good cybersecurity for AI is just as important as having AI itself," Reisinger emphasised in this regard, recalling how it is necessary to think in two dimensions - AI for security and security for AI - and how machine learning techniques have been used in Palo Alto since 2014, anticipating a trend that is now inevitable, namely the automation of cyber defence.

Artificial intelligence makes attacks faster, more scalable and sophisticated, and the explosion of data, accelerated by the cloud and AI itself, makes it impossible to manage security with human intervention alone; and it is precisely thanks to algorithms that the American company analyses more than 15 petabytes of information from networks, cloud environments, endpoints, firewalls, devices and industrial systems every day).

On the other hand, as Reisinger cautioned citing data from Stanford University, only a small fraction of AI implementations (around 6 per cent) are accompanied by an adequate security strategy. "Many organisations are adopting this technology without securing it and it is the same phenomenon that we used to call shadow IT in the past, whereas today we talk about shadow AI".

Cybersecurity,' the CEO remarked, 'is first and foremost a data issue, and limiting cyber defence to local data is ineffective, because businesses are interconnected and operate in global markets, and threat intelligence must be of the same scale. It is no coincidence, therefore, that the issue of an organisation's resilience and its ability to withstand attacks is now a top management priority (applies to all sectors, banking in the lead) and that this sensitivity is also reinforced by the European regulatory framework, from the Gdpr to the Nis2 directive to the AI Act. For companies, the challenge is therefore twofold: to defend increasingly complex digital infrastructures and at the same time simplify security management. It is not uncommon, in fact, for a large company to have accumulated dozens of different solutions over the years (Palo Alto estimates an average of between 30 and 40) that do not communicate perfectly with each other, thus creating inevitable points of vulnerability. The answer to this problem, according to Reisinger, is the 'flattening' of cybersecurity, i.e. a unified approach to security that stems from the use of integrated platforms and that also leads to a change in the way the return on investment is assessed, through three factors: real-time protection, the increased automation made possible by AI, and (precisely) simplification at the technological level.