How can product leaders adapt to the age of AI-driven cybersecurity threats? Generative AI has made it easier for bad actors to launch sophisticated attacks by providing advanced tools for traditional vectors like scraping and phishing. The evolution towards Large Action Models (LAM) and the increasing reliance on AI-powered workflows, such as Chat Assistants, are opening new avenues for cyberattacks. As more businesses shift operations to AI-driven platforms, these systems become prime targets for attackers. Interestingly, many bad actors are now more proficient in AI and generative AI technologies than the defenders, which poses a significant challenge to cybersecurity efforts. This shift marks a new era of AI-driven cyber threats and vulnerabilities. In this webinar hosted by Nisarg Desai, Arkose Labs Head of Product Vikas Shetty will share insights on how product leaders can stay ahead of AI-driven cybersecurity threats by leveraging innovative defense mechanisms.
Join us for new conversations with leading product executives every week. Roll through the highlights of this week’s event below, then head on over to our Events page to see which product leaders will be joining us next week.
Show Notes:
- Arkose Labss is a bot management company that protects large enterprises from malicious bots, account takeover, and other cyber threats.
- Arkose Labs’ approach is to disrupt the adversarial economics by increasing the cost and effort for attackers. They are decreasing the value of their attacks and imposing real-world consequences.
- Arkose Labs uses a multi-dimensional detection approach that looks at device, biometric, network, and other signals to identify and mitigate attacks.
- The platform has four pillars: proactive defense, intelligence, adaptive response, and actionable data.
- Arkose Labs’ customers include some of the largest enterprises across industries like tech, finance, and gaming.
- The rise of generative AI has reduced the barrier to entry for attackers. It has also turbocharged existing attack vectors like scraping and device spoofing.
- Attackers are using generative AI to create more sophisticated phishing campaigns, infrastructure for abusing AI platforms, and reverse proxy-based MFA compromise.
- There is an emerging “bypass restriction as a service” economy where attackers are creating proxy infrastructure to provide access to restricted AI models.
- Attackers are also targeting chat assistants powered by AI models to scrape prompts and train their own models.
- Product managers need to closely monitor traffic patterns. They need to implement bot management solutions, and conduct comprehensive security assessments to protect against these AI-powered attacks.
- The cycle of defenders and attackers leveraging AI will likely continue, as long as it remains economically viable for attackers.
- The goal should be to make it economically unviable for attackers. This can be done by increasing their costs and decreasing the value of their attacks.
- Arkose Labs uses techniques like adaptive challenges, shadow banning, and working with legal agencies to disrupt the adversarial economics.
- The number of contributors to malicious AI infrastructure can be in the thousands. This highlights the scale and sophistication of these attacks.
- Traditional security signals like email and website anomalies are becoming less effective as attackers use AI to bypass them.
- Behavioral analysis and holistic monitoring of metrics like spending and compute costs are crucial to detect under-the-radar attacks.
- The cybersecurity landscape is an adversarial space where the cycle of defenders and attackers leveraging new technologies will likely continue.
- Product managers need to stay vigilant and implement specialized bot management solutions to protect against these AI-powered attacks.
- Making it economically unviable for attackers is key to breaking the cycle, rather than trying to develop unbreakable defenses.
- The sophistication and scale of these AI-powered attacks highlight the need for a proactive, multi-dimensional approach to cybersecurity.
About the speaker
As the Head of Products and Research at Arkose Labs, I lead the strategic and tactical direction of the product portfolio that provides long-term protection against bots and online fraud. I have over 19 years of experience in the internet content delivery, data intelligence, cloud security and artificial intelligence domains, with a Bachelors Degree in Computer Science, General Management from Indian Institute of Management and a Certificate in Leadership and Management from The Wharton School. Prior to joining Arkose Labs, I worked for Akamai Technologies as senior director of global services product management and engineering overseeing a multi-million-dollar global services product portfolio.
About the host
Nisarg is currently the Director of Product at cloud security unicorn Lacework, and has a decade of experience in Product Management with the entirety of his focus on securing enterprises from cyberattacks. He has built both 0-1 and 1-100 products in cybersecurity. He is passionate about pushing forward the field of product management by helping a diverse field of entrants grow into successful PMs. He lives in Boston, MA.