AI: The Force Multiplier for Cyber Defense
On the 19th episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Eric Brohm, Chief Information Security Officer at Wyndham Hotels & Resorts. Wyndham is the world's largest hotel group, offering nearly 10,000 properties in 95 countries across 24 global brands. In this conversation, Eric shares his thoughts on how AI is fast becoming an indispensable tool for cybersecurity teams, the potential of AI in risk-based decision-making, and the growing trend of cybercriminals using AI.
When most people think of Wyndham Hotels, they picture luxurious accommodations or dream vacations. Behind the scenes, the company's vast digital footprint and guest data create a complex security environment that requires vigilance and a multi-faceted approach. Wyndham's operations extend beyond hotels, involving complex digital infrastructures increasingly targeted by cybercriminals. As Eric explains, this evolving threat landscape demands a sophisticated approach to security, especially as AI becomes more integral to both attackers and defenders: "Attackers take up tools quicker than we do; they're more agile. They don't need to worry about test environments and testing… they go and use it." Now, cybercriminals are using AI to amplify their attacks' precision and scale, automating once labor-intensive tasks. They can now convincingly replicate executives' voices, likenesses, and messages with deepfake technology, making social engineering schemes more advanced and challenging to detect. Eric elaborates: "We're seeing it very clearly generate text message conversations going back and forth, impersonating some of our executives… We've even heard voicemails where AI is using recordings of our executives and generating different speech, different words."
However, the same technology that cybercriminals use to advance their attacks is also becoming a powerful tool for defenders. Eric emphasizes how AI is helping cybersecurity teams improve their ability to detect threats and respond more effectively. With AI automating many of the time-consuming, repetitive tasks associated with security operations, human analysts can focus on higher-level problem-solving and strategic decision-making. "I see AI being a force multiplier for humans and helping them respond even more quickly," Eric explains. "SOC Analysts don't need to get the syntax right in a search query; they type in what they're looking for, and the AI understands the types of logs that it has; it even potentially understands business context around that and can help point them in the right direction a lot quicker." In other words, AI enhances security teams' capabilities by processing vast amounts of data, spotting anomalies, and flagging potential threats far more efficiently than just human analysts alone. This partnership between human expertise and AI-driven insights is critical in maintaining agility and staying ahead of increasingly sophisticated attackers.
Additionally, AI's impact on cybersecurity extends beyond detecting and responding to threats. Eric believes AI can transform how organizations approach risk management by enabling more intelligent, data-driven decisions about where to allocate their security resources. He envisions a potential reality where AI integrates real-time data with business strategy to help teams prioritize the most pressing risks. As Eric describes it, "If we look at this from a risk perspective, that AI has context, from our logs, telemetry, business strategy, and context and pulls all that together and we can ask it, 'Here's what we're doing. What do we need to be doing? What are the high-risk areas that we're not covering?' Or 'Here is what we're seeing. What do we think this attack is?' Helping us diagnose those things quicker so we can treat them quicker." This shift would allow organizations to adopt a more proactive security posture, identifying vulnerabilities before they become major issues and ensuring that resources are directed to the areas of highest concern. While AI-driven risk management is still in its early days, its potential to help companies predict and prevent threats more effectively could be a game-changer for the industry.
As AI continues to reshape the cybersecurity landscape, the key to success will be finding the right balance between human expertise and AI-driven solutions. While AI brings immense promise by automating processes and enhancing threat detection, it's not a silver bullet. Human judgment remains crucial to interpreting data, making strategic decisions, and adapting to emerging challenges. The most effective security strategies will combine the speed and precision of AI with the experience and insight that only people can provide. At the same time, collaboration across the cybersecurity community is more important than ever. As cybercriminals grow more sophisticated, organizations must share knowledge, tools, and strategies to stay ahead. By working together and leveraging the best of both human and machine capabilities, businesses can defend against current threats and anticipate and mitigate those on the horizon.
