The Dual Role of AI in Identity and Access ManagementRSA's Rohit Ghai on AI Being an Attacker's Weapon and a Defender's Shield
Everyone needs to have a security-first mindset for identity because as much as it is a defender's shield, it is also an attacker's target, said Rohit Ghai, CEO at RSA. In fact, identities are the most attacked part of enterprises, yet too little energy is spent on monitoring them.
In a post-pandemic world, identities on networks have grown 10 times because of remote working and, in general, more users are now using identity platforms, Ghai said. We have more granular IT resources and are moving toward a microservices architecture, which makes things very granular and makes data for identity applications more complex. To address this challenge, implementing the latest technologies such as AI and automation will really be handy. But what about the ethics of AI?
"Any new technology often has a duality. It's a double-edged sword. What I see happening is that the attackers have been using automation and AI for a while to perpetrate attacks," Ghai said. "It's going to be a massive challenge keeping up with the threat actors because they are applying AI technology to attack identity and other aspects of the attack surface."
In this video interview with Information Security Media Group at RSA Conference 2023, Ghai discusses:
- Real-world deployment of zero trust;
- The application of AI and ML for identity management and its security;
- The evolution of identity management.
Ghai, CEO of RSA, also provides oversight to the Archer, Outseer and RSA Security businesses as a member of the board of directors. He advises global customers on their digital and security transformation initiatives. Previously, he served as president and chief executive of Dell EMC's Enterprise Content Division, Documentum.