On the 18th episode of Enterprise Software Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Stephen Harrison, Senior Vice President and Chief Information Security Officer at MGM Resorts International. MGM Resorts International is a global hospitality and entertainment leader, operating some of the most iconic destinations in Las Vegas and beyond. MGM boasts an annual revenue of over $16 billion and employs more than 70,000 people worldwide. In this conversation, Stephen shares his thoughts on cybersecurity complexities in the entertainment sector, the deployment of AI in safeguarding systems and enhancing attack methods, and the escalation of automated attacks targeting human error.
When most people think of MGM Resorts, they picture the glitzy casinos and luxurious hotels that line the Las Vegas Strip. However, MGM's reach extends far beyond these iconic landmarks; it is a sprawling conglomerate with a wide range of facilities, from sports arenas and entertainment venues to digital platforms, each presenting its own security challenges. As Stephen explains, the scope of MGM's operations creates a complex and dynamic security landscape that requires constant vigilance and adaptation: "The corporation owns about 48 percent of the Las Vegas Strip, and they have golf courses, sports arenas, restaurants, entertainment venues... It's probably the most diverse company I've worked in." This diversity not only illustrates the operational complexity of MGM Resorts but also highlights the myriad of entry points and vulnerabilities that must be managed to protect physical and digital assets. The security team must tailor their approach to the specific risks associated with each facility, whether safeguarding customer data at a high-end restaurant or preventing unauthorized access at a sports arena. Navigating this landscape demands a robust, multifaceted security strategy that can dynamically adapt to the unique needs of each venue and event.
As technology advances, so does the threat landscape, presenting challenges and opportunities for companies like MGM Resorts. The rise of SaaS, AI, and cloud computing has fundamentally transformed how businesses operate and secure their digital assets. This shift from centralized to distributed IT environments introduces new vulnerabilities that necessitate innovative security protocols capable of keeping pace with rapid technological deployment. AI, in particular, has become a double-edged sword in cybersecurity, providing sophisticated tools to enhance security operations while offering new opportunities for cybercriminals. Stephen speaks to this dual nature of AI: "Every innovation that comes out is also empowering threat actors; it's not like we're just using it. And in some cases, they innovate way faster…I would expect to see ransomware as a service evolve by next year and become more like AI as a service for threat actors. They're going to subscribe with cryptocurrency, and it's not just going to be sending a phishing email, which AI is doing right now, for threat actors, but it's going to be helping them discover domains and vulnerabilities and issues with the company [they're trying to attack]." The ability of AI to automate and refine cyber-attacks means that security professionals must not only defend against traditional threats but also develop capabilities to neutralize advanced AI-driven attacks. Fortunately, the use of AI by attackers also generates valuable data that can be used to train defensive AI systems, allowing them to anticipate and counter future threats more effectively. This ongoing battle between offensive and defensive AI highlights the need for security strategies that are both proactive and adaptive.
Despite rapid technological advancements that continue to reshape the cybersecurity landscape, the human element remains a significant vulnerability within any security framework. Stephen emphasizes the importance of addressing human behavior in cybersecurity, particularly the ongoing challenges posed by social engineering and other human-centric threats. He notes, "The human element is always going to be a struggle... for some of these, there's no way to remove it from the attack path." Cybercriminals often exploit human error, such as weak passwords or susceptibility to phishing scams, to gain unauthorized access to systems and data. However, Stephen also acknowledges the supportive role that advanced technologies, particularly AI, can play in this context: "Find a way that you can create safe engagements to use these tools and see which ones are going to work for your use cases. These [AI tools] are going to drive new ideas and innovations and new ways of thinking for your teams." AI security tools are becoming increasingly sophisticated and can significantly reduce the burden on humans by automating the detection of suspicious activities and providing real-time alerts. For example, AI can analyze patterns of behavior that deviate from the norm, potentially identifying phishing attempts or unauthorized access before they cause harm. By integrating AI tools with human oversight, enterprises can create a more robust defense that leverages the strengths of both technology and human insight.
Stephen's insights into the strategic use of AI, the persistent vulnerabilities introduced by human factors, and the complex balance that modern security professionals must maintain offer valuable lessons for businesses across all industries. As AI technologies continue to evolve, aiding and complicating security efforts, the conversation emphasizes a crucial takeaway: the need for proactive, adaptable security strategies grounded in technological innovation and human-centric approaches. In an increasingly digital landscape, there is a dynamic exchange between technological advancements and security necessities, and the ability to navigate this exchange will be vital to safeguarding the future of enterprise security. By staying ahead of the curve and continuously adapting to new threats and technologies, businesses can better protect themselves from the ever-present risks in the digital age.