Artificial intelligence and machine learning
Palo Alto Networks’ Meera Rajvel talks about protecting corporate security with “high-precision AI”
Sandhya Michu •
December 23, 2024
Cybersecurity professionals often face overwhelming challenges, from handling massive data streams such as logs, endpoint detection systems, and firewalls to integrating numerous cybersecurity tools. The focus must shift to streamlined processes, artificial intelligence-driven solutions, and unified architectures.
See also: AI-driven SOC transformation with Cortex XSIAM
In an interview with Information Security Media Group, Meera Rajavel, CIO of San Francisco-based Palo Alto Networks, said real-time responsiveness and the integration of AI-driven technologies are key to mitigating modern cybersecurity threats. I have emphasized the reason why. “Security is a problem that can only be solved if we think from complexity to clarity,” she says.
Rajabel is responsible for Palo Alto Networks’ global information technology function, driving comprehensive strategies to rapidly deliver innovative solutions and scale to teams around the world.
Edited excerpts follow:
What impact has Precision AI made in addressing cybersecurity challenges since its launch, and how is Precision AI differentiated in solving these problems?
For context, Precision AI represents the evolution of AI in cybersecurity, with machine learning and deep learning techniques becoming integral to many solutions. We’ve been using AI in our products for years. For example, we block more than 11.3 billion attacks every day, 2.3 million of which are completely new threats. Identifying these unique threats every day requires advanced AI capabilities, especially deep learning and ML.
The emergence of generative AI has brought new opportunities and challenges. We believe that cybersecurity requires 100% accuracy. Precision AI was developed to leverage the combined strengths of ML, deep learning, and Gen AI to deliver superior accuracy and efficiency. One of the biggest challenges for security professionals is complexity. Precision AI simplifies this by providing actionable insights right away, helping you sift through large amounts of data and threats with context-specific analysis. This technology is built across our platforms, including Strata for network security, Cortex for security operations, and Prisma for cloud security, ensuring comprehensive protection.
How is Palo Alto approaching AI in cybersecurity? What are the key cybersecurity maturity requirements for effective implementation?
We approach AI in cybersecurity from three different vectors. First, as customers increasingly rely on AI within their ecosystems, it is important to protect it by design. As a cybersecurity solutions provider, our goal is to ensure our customers are protected when using new technology. The second vector involves fighting enemies that use AI to launch attacks. The speed of these attacks is exponentially faster and more sophisticated than ever before. To combat this, we need to leverage AI to protect against AI attacks. The third vector focuses on how AI can benefit security personnel. AI can significantly improve the efficiency and effectiveness of security operations by simplifying complex data analysis and enhancing product interactions.
Solutions such as AI Access Security, which provides visibility into AI usage within the enterprise and ensures secure AI applications, have already benefited from our AI security solutions in development with 100 customers, and the maturity level A clear change can be seen. Organizations don’t have to be at an advanced level to get started. Our platform adapts to your specific needs and grows with you. With over 10,000 models and 200 engineers dedicated to research and development, we are continually improving our capabilities to stay ahead of emerging threats. Our Cortex platform includes over 4,000 models. Our AI-powered solution processes 7.6 petabytes of data and 59 billion events every day to reduce noise and identify approximately 100-110 actionable incidents. This allows customers to focus on high-priority threats while automating repetitive tasks.
Accountability in AI governance is a complex issue. How do you think that will evolve, especially as systems become more autonomous?
Governance and accountability are key areas that need clarity. For example, in discussions with CISOs in the insurance industry, we considered scenarios where autonomous systems would fail. If a system processes a claim incorrectly, who is responsible? Is it the technology, the functional head, or the product designer? Today, accountability is typically assigned to the department head. However, as AI becomes more autonomous, governance models must evolve to clearly define roles and responsibilities.
Transparency and explainability in AI are essential. Large language models pose challenges due to their broad accessibility capabilities. This is why agent architectures are gaining traction. Agent architecture allows for higher security constraints and better governance while addressing the inherent transparency issues of AI.
How have companies adopted autonomous SOCs in their efforts to achieve autonomy?
Autonomous SOCs are becoming possible due to two key factors. First, our adversaries are evolving faster than our ability to scale human resources. Second, there is a shortage of qualified cybersecurity talent. Dual pressures on both demand and supply necessitate technological intervention. For example, XIM (Enhanced Incident Management) solutions, launched just two years ago, have become a rapidly growing segment. Revenues are approaching $1 billion. This is evidence of its rapid adoption and effectiveness. While solutions such as SASE take longer to implement, XIM provides immediate, visible results and addresses the urgent needs of businesses.
Do you think cybersecurity is being sidelined as AI gains traction, or is it gaining traction alongside AI?
It’s not an either-or situation. In fact, AI raises security concerns more than previous cloud deployments. The speed at which AI operates and its potential impact has caused businesses to pay more attention to cybersecurity. Boards are currently prioritizing cybersecurity discussions because of the high economic risks. Incidents such as the $2 billion United Healthcare and Marathon Oil breaches highlight the devastating economic impact of cyberattacks. It’s no longer just about compliance and technology, it’s also about protecting the bottom line. The government is also enforcing stricter compliance regulations, such as reporting violations within a specific time period. This regulatory pressure and economic risk will ensure that cybersecurity remains a central focus, regardless of advances in AI and cloud technology.
