46 INTERVIEW Essentials for AI security Todd Fortwengler from Coretek shares insights on safe AI integration, risk mitigation strategies and the role of Microsoft’s security solutions in Coretek’s CoreDefend BY ALICE CHAMBERS The 2024 AI opportunity study by IDC found that generative AI usage jumped from 55 to 75 per cent between 2023 and 2024. As AI adoption accelerates, businesses need to proceed with caution, particularly when it comes to security. Todd Fortwengler, director of security at Coretek, is helping firms safeguard their data, identities and systems as they invest in AI. What are the most important things to consider when planning to adopt AI? The first step is choosing a technology partner to identify AI use cases and drive rapid efficiencies using both custom-built and ready-made AI platforms to achieve organisational goals. The next, and possibly most important, step is to secure your data estate. It’s also essential to organise the ongoing management of threat detection and rapid response. We believe Microsoft is the right platform provider and Coretek is the trusted partner to get you there. What foundational steps should an organisation take to integrate AI securely into its data security framework? First, I would emphasise the importance of carrying out a comprehensive assessment that covers data security, identity protection, device security, servers and identities. Conducting a thorough assessment of the current security posture is essential too. This involves evaluating existing security measures, identifying potential vulnerabilities and understanding the organisation’s readiness for AI adoption. It’s important to establish a clear baseline to measure progress and identify areas that need improvement. For example, devices play a significant role in data security. Ensuring that all devices connected to the network are secure and compliant with security policies is vital. This includes implementing endpoint protection solutions and regularly updating software to protect against vulnerabilities. When it comes to data, it’s important to classify and tag data based on its sensitivity and importance. This helps in applying appropriate security measures to protect critical data assets. In addition, leveraging Microsoft Purview for governance along with data encryption, both at rest and in transit, should be a standard practice to safeguard data from unauthorised access. Servers are the backbone of any IT infrastructure and securing them is paramount. This involves implementing strong authentication mechanisms, regularly patching and updating server software, and monitoring server activities for any signs of compromise. Additionally, employing AI-driven security solutions can help in detecting and mitigating threats in real time. Lastly, managing identities is crucial for maintaining a secure environment. Implementing identity and access management (IAM) solutions ensures that only authorised users have access to specific resources. Multifactor authentication (MFA) adds an extra layer of security, making it more difficult for attackers to gain unauthorised access. By addressing these key areas, firms can create a solid foundation for adopting AI along with their data security strategies. This comprehensive approach not only enhances security but also ensures that the organisation is well prepared to leverage the full potential of AI technologies.
RkJQdWJsaXNoZXIy NzQ1NTk=