EAD Team

Overcoming Security Blind Spots Through Automation, Innovation and AI

January 15, 2025

On the 22nd episode of Enterprise AI Defenders, hosts Evan Reiser and Mike Britton, both executives at Abnormal Security, talk with Joe Silva, former Chief Information Security Officer at JLL. JLL is a commercial real estate company operating in 84 countries worldwide. The company has over 100,000 employees and $20 billion in annual revenue, and ranks #193 on the Fortune 500. Managing billions of square feet of property worldwide, JLL delivers a full suite of services, including property management, leasing, capital markets, and real estate technology solutions. In this conversation, Joe dives into the realities versus the hype of AI in cybersecurity, AI’s role in shifting the balance between human judgment and automated systems, and AI’s potential to solve long-standing defender blind spots.

As AI continues to take center stage in the news, it's essential to separate its true capabilities from inflated promises. Joe highlights how AI excels in amplifying existing technological capabilities. "Gen AI is making it a lot easier for providers to make more information accessible and provide more context in tools. Where we see Gen AI being helpful is the ability to train machine learning models and actually get more utility out of machine learning." While AI-powered tools are transforming workflows and improving efficiency, misconceptions about their potential could lead to unrealistic expectations. Joe acknowledges the genuine utility of AI but cautions enterprise leaders against believing it can solve every problem. A main concern of Joe's is that "Attackers are always outpacing defenders," emphasizing that adversaries adopt new technologies faster and more effectively than defenders, often without the same bureaucratic or ethical constraints. The lack of obstacles for nefarious actors makes Joe skeptical of claims that AI can detect novel attacks or write inherently secure code. "There's not enough secure code in the world to train Gen AI on how to write secure code," he asserts. Instead, Joe encourages defenders to focus on practical applications like automating workflows and enhancing decision-making, steering away from chasing currently unattainable goals that detract from AI's actual value.

Today, the role of AI in cybersecurity is shifting from a supportive tool to an essential component in decision-making. Organizations are increasingly leveraging AI to handle tasks that once required human judgment, especially in areas prone to error, like fraud detection. Joe sees a future where AI takes on even greater responsibilities, reducing reliance on human intervention in critical processes. "When you look at what so many of these attacks are built on, they're largely aimed towards financial fraud, and it's always some cyber-enabled breakdown in financial controls involving humans. So humans start to come out of the loop, both in their ability to detect fraud, and to vet it. Then everything is going to happen largely via AI." This shift toward AI-led processes could fundamentally change how organizations operate, with anomaly detection, vetting, and remediation happening autonomously. Yet, Joe warns of risks associated with over-reliance on AI, including model poisoning and diminished trust in key technologies. "What scares me is model poisoning at scale. We have a hard time aligning on objective truth as a society. When that starts to occur in technologies that we rely on all the time, each of us could pull up our maps app and navigate someplace correctly, but if we start to lose confidence in the ability of basic technologies, I think that could take us to a very dark place," he cautions. While automation holds immense promise, it must be balanced with human oversight to ensure systems remain reliable and adaptable in the face of emerging threats.

Despite advances in cybersecurity, defenders still face persistent challenges that leave their organizations vulnerable. Issues like incomplete asset inventories and opaque third-party risks remain among the most significant blind spots in enterprise security. These gaps prevent organizations from fully understanding their attack surface, making it difficult to apply controls effectively. Joe identifies these blind spots as critical areas where AI can make a transformative impact. "You can’t secure what you can’t inventory," he notes, highlighting the importance of accurate and contextualized data. AI’s ability to synthesize disparate datasets provides defenders with a more comprehensive understanding of their systems. This enhanced visibility not only improves detection and response times but also allows organizations to proactively align their defenses with identified risks. "The advantage of AI is the ability to take these disparate data sets, put them together, give us a contextualized inventory, and tell us about the behavior and accesses of all of these third-party applications and services that we're using. Then we can proactively array controls, speed our time to detect, respond and remediate." By addressing these vulnerabilities, AI helps defenders maximize the effectiveness of their existing tools and reduce overall risk in an increasingly complex threat landscape.

As enterprises rapidly approach a new realm of what is possible, the integration of AI presents both opportunities and challenges for defenders. While attackers continue to exploit new technologies at an increasing pace without concern for governance or following established guidelines, defenders now have access to AI-powered tools that can streamline operations, address blind spots, and enhance decision-making. The key, as Joe emphasizes, lies in using AI thoughtfully, focusing on its strengths and identifying practical use cases. Joe’s insights highlight the importance of collaboration between human expertise and AI-driven innovation. AI is a catalyst for progress, but only if its use aligns with understanding both its strengths and its limitations. For defenders, this means adopting AI in ways that enhance resilience, leveraging its potential to automate routine tasks and enable strategic focus. By embracing AI as a partner, not a replacement, defenders can remain agile and proactive in an ever-changing threat landscape.
