Cloud security and artificial intelligence have had a long-term partnership. For nearly a decade, AI has been used to identify threats and prioritize risks in the cloud through its pattern recognition capabilities and anomaly detection.
A lot has changed over the past 10 years, however. With more people and organizations migrating to cloud applications, threat actors have followed along, seeing cloud applications as a prime target.
Cloud security is more important than ever to an organization’s cybersecurity maturity, and AI’s integration into cloud security tools is a vital layer of defense against an expanding cloud-based threat landscape. Now, one of the biggest game changers for cloud security is generative AI, according to Google.
“Generative AI has the potential to reduce the toil of repetitive tasks that plague security teams, like aggregating and enriching data from a multitude of sources to gain a more complete understanding of risks and where to focus,” Sunil Potti, VP/GM of Google Cloud Security, said in a recent blog post as part of the Google Cloud Security Summit in June.
Google’s own cloud security efforts include AI Workbench, where AI will be used to address and prevent emerging threats, eliminate the toil of threat fatigue caused by alert overload and close the talent gap.
SEE: Here is a deep dive into how generative AI works.
Building on AI’s role in cloud security
Traditionally, AI has been used to detect and remediate hundreds of threats in a matter of seconds.
Generative AI takes AI to a new level because it focuses on creating new data rather than just analyzing existing data. “[Generative AI] enables the development of realistic synthetic data, which can be used for training and testing security models without exposing sensitive information,” Bob Janssen, vice president of engineering and head of innovation at Delinea, told TechRepublic.
Generative AI is a game changer in how organizations address cloud security, Janssen said. “It provides realistic synthetic data for testing, simulates sophisticated attack scenarios and minimizes the risk of exposing sensitive information during development, enhancing overall security measures,” he added.
How generative AI impacts cloud security
What makes generative AI stand apart from the AI models used currently in cloud security is its ability to summarize, classify and generate information. With proper training, it can reason about specialized data and provide natural-language, conversational interactions that facilitate workflows more quickly than flat interfaces in typical security tools.
“These characteristics applied to cloud security enable customers to identify and prioritize the most relevant risks to their unique environment or regulatory requirements; to quickly generate the queries and detections required to consistently monitor for threats,” Potti said. Generative AI can be used to interact in natural language with an assistive experience that can guide customers to their ideal outcomes.
At Google, for example, cloud security is being “supercharged” with generative AI so customers can search petabytes of event data using natural language instead of writing custom queries. Another feature provides a human-readable explanation of potential attack paths and steps to remediate.
“So with AI, it’s still early days,” Potti said, “but we’re leveraging these superpowers to achieve security outcomes like early breach detection or instant classification of potential malware.”
Read next: A fundamental guide to cloud security.