My Challenge to Boards & CISOs: Prioritize Cybersecurity Prevention (Before It’s Too Late)

Generative AI is here – and it’s fueling more sophisticated and malicious cyber threats at increased scale and velocity. We’ve recently witnessed several high-profile incidents, from the social engineering attacks against MGM Resorts and Caesars Entertainment, to the Clorox cyber incident, which cost the company over $354M in damages.

And this is just the beginning.

I’m throwing down the gauntlet today and challenging CISOs and their boards to prioritize prevention.

It’s time to stop detecting and responding to threats with outmanned tools like endpoint detection and response (EDR) and extended detection and response (XDR), which only identify threats after a breach.

CISOs have deployed defense-in-depth, Zero Trust, and other strategies/technologies, but I believe that CISOs and CIOs, fatigued from spending, must view this as a marathon, with the course getting even more hilly and the heat and humidity rising.

When unknown threats and costly ransomware hit your company, it is not good enough to say, “Well, we deployed CrowdStrike, and we still got hit.” It is even more painful when you pay CrowdStrike or other experts to remediate and clean up the mess.

When I speak to CISOs, they say, “Well, if I put in prevention (Deep Instinct), you need to help me identify what I will remove to justify the spend.” My somewhat glib response is, “How about pulling out the remediation cost? Or a ransomware payment and significant customer brand damage?”

I am not saying detection and remediation are not necessary – I am saying it is not enough.

The Cybersecurity Cat-and-Mouse Game … On a Restricted Budget

CISOs are being asked to do more with less. With organizations spending roughly 10% of their annual IT budget on cybersecurity tools (such as EDR, firewall protection, cloud proxy, etc.), security teams are caught in an endless cat-and-mouse game with sophisticated cybercriminals. But in this game, the mouse (bad actors) will keep winning by leveraging generative AI to stay one step ahead of organizations and their security teams.

When a cyber incident occurs (as seen with Clorox), organizations spend millions on ransomware clean-up, shoring up lost productivity, and repairing tarnished reputations. In 2023, the average ransomware attack cost was over $5M, with businesses paying out over $1B cumulatively in ransomware payments. It’s unfair to CISOs, who are hamstrung by budget constraints, and even less fair to consumers who trust brands to prevent breaches.

Organizations must confront these AI-based attacks head-on by prioritizing prevention. They must do so to avoid becoming the next victim and to proactively preserve customer trust. They must fight fire with fire and leverage a more advanced form of AI – deep learning.

The Rise in AI Signals the Demise of the Platform

Many large, publicly traded cybersecurity companies have adopted a platform approach, acquiring solutions as specific market needs arise to “go broad” across their solutions portfolio. As AI-based attacks ramp up, many legacy platform players react by purchasing point (“best of breed”) solutions based on ineffective and outdated AI to address shortcomings with current capabilities.

However, it’s important to note that not all AI is created equal. Despite what their marketing materials may say, these broad platform players can’t effectively combat adversarial AI because they’re built on less sophisticated machine learning (ML) models and are stitching together multiple tools in a “swivel chair” fashion.

To anticipate an attacker and prevent ransomware, unknown, and zero-day threats from breaching your network and data repositories, you need deep learning, which is inspired by the brain’s ability to learn.

When deep learning is applied to cybersecurity, these neural networks instinctively and autonomously predict threats to stop them from deploying pre-execution. Deep learning is the only way CISOs and their security teams can win the cat-and-mouse game against attackers, and predict and prevent their next move.

The Dirty Little Secret

The market is hungry for better cyber defense. This is why cybersecurity stocks reached record highs last year, with Palo Alto Networks’ stock jumping 111% and CrowdStrike consistently beating earnings quarter over quarter. However, in late 2023, as Q4 earnings were released, the cyber stock growth slowed and even declined. After all, there is only so much tolerance for spending on cybersecurity solutions with limited results.

These platforms will not prevent unknown threats. The large cyber companies can surely sell you more products and get you to buy into their platform strategy, but they cannot prevent unknown malware, which constitutes 72% of the newest breaching attacks.

Platform players can no longer go broad without going deep. Reacting is no longer tenable. A few years ago (and perhaps today), George Kurtz could walk into a boardroom after a ransomware attack, tell the board to “assume breach,” and leave the room with an order.

In this AI revolution, I believe there will be a board-level mandate to institute a prevention strategy. Real prevention – not cloud-based ML models or sandboxes that learn from endpoints and data feeds, which only publish a fix after malware is already written to disk.

People ask me why I became CEO of Deep Instinct after a long 25-year cyber journey. My answer is simple: an AI storm is coming, complexity is rising, and the risk and cost of a breach are real and material. You cannot prevent unknown threats without deep learning.

Why not get ahead of the storm? Why not ensure your organization isn’t just detecting and responding to cyber-attacks after the fact? Why not predict and then prevent the next major attack? Prevention is possible. Fortune favors the bold. Do you accept the challenge?

Jennifer Carole

Contract CMO for cybersecurity and tech

3mo

Theresa Lanowitz Look what Lane is writing about. If he comes out to RSA, see if you can meet him at some point. He sounds like he's singing our song!!

James Crifasi

COO & CTO of RedZone Technologies | Board Member of Maryland Technology Council | IT Security, MSSP, Compliance, and Integration | Speaker and Teacher

3mo

Prevention is possible. It's all about the proactive action you're taking, Lane. Great article.


But it is more important to prioritise EQ in tech roles?? What about EQ??, somebody think of the children!! That's the thing holding back cybersecurity in Australia at least. That HR profession's continued push (by design or incompetence), to prevent technical expertise being involved in technical roles. That coupled with corporate leadership's insane desire to maintain appearances first and foremost before any kind of transparency, accountability, or the absolute joke of a term 'integrity'.

James Porter

Cyber Security Engineer | CISSP

3mo

I saw a post earlier this morning from Haris Pylarinos about cybersecurity burnout and fatigue. I am now reading this post. In a way, the two tie together as you are both saying that training and skilling up needs to be accomplished to prevent attacks and if needed defend against them. Here is my question: when you spoke with the CISOs, did they truly implement ZT? Did they include all aspects of it or did they only focus on the network side of things? It is cheaper and easier to implement the network pillar and not the rest of it. That still leaves you using a network defense strategy. If you truly use attribute-based access control (ABAC) on users, devices, networks, and data, then you are more apt to prevent successful attacks against your business and can really target the supply chain. The AI programs attacking our businesses are built around current perimeter defense strategies and known vulnerabilities, which includes all not just patching. Even HTB when skilling up individuals use what is known.

Lorenzo Starace

xlr8r.cloud hosting linux cybersecurity AI research, vinophila.com 3Dwinealcool luxuryfood expometaverse,virtuego.comsocialnetwork,lnpservices.com,pdfstreaming.com, top-tasteofpassion.it magazine 30K1stconnections

3mo

interesting actual scenario compliments
