Artificial Intelligence & Machine Learning , Cloud Security , Next-Generation Technologies & Secure Development

Forrester Report: 3 Top New Threats in 2023

Forrester's Brian Wrozek on Poison AI Data, Cloud Complexity, Nation-State Threats
Brian Wrozek, principal analyst, Forrester

The launch of generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.

See Also: Enhancing Cyber Defense with AI-Powered SOCs

In the report, Forrester Principal Analyst Brian Wrozek predicts that attackers will reverse-engineer AI algorithms to poison data and cause algorithmic drift to fool users.

"I see them poisoning the data, putting in their own source information that they've crafted," Wrozek said. "You can almost think of it as a way your cryptanalysts used to try to break encryption algorithms by feeding it known data and trying to figure out what the output would be. That's concerning because as an end user, we tend to just take the algorithm at face value."

Organizations are more likely to source AI from a vendor than to build their own. Therefore, it is important to understand how vendors will protect their AI models, the report says. Wrozek said he advises businesses to ask vendors how they are validating their sources.

"Where are they getting the information to train these algorithms and how are they protecting those algorithms?" he asked. "What are they doing to make sure that the data is valid? Transparency is always good. How are they manipulating the bottle weights in the scaling of these algorithms to make sure that there's no bias in the outputs?"

In this video interview with Information Security Media Group, Wrozek discussed:

  • Predictions about how cybercriminals could potentially use generative AI to reverse-engineer machine-learning email tools;
  • How cloud complexity is changing the way security teams defend;
  • Advice to security leaders on how to gain a better understanding of nation-state threats.

Wrozek serves security and risk professionals. His coverage includes operational technology security and threat intelligence. He has extensive experience in helping Forrester clients secure their OT environments in industries such as critical infrastructure and manufacturing, and he guides clients on how to turn threat information into actionable threat intelligence for better decision-making.

About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.