New Video from @BlackHatOfficialYT: ING Bank Experts Discuss AI Integration in Cybersecurity

In this video, Eduardo, the head of security analysis at ING Bank, and Rob, his senior data scientist colleague, discuss the integration of artificial intelligence (AI) into cybersecurity operations. They highlight the challenges and successes encountered in implementing AI models to improve identity and access management, vulnerability management, and security incident detection and response. Main Topics: 1. AI Integration in Cybersecurity: Eduardo and Rob emphasize the importance of not only developing AI models but also effectively integrating them into daily operations. They discuss challenges related to data siloing and the need to create an integrated view of different data sources. 2. Identity and Access Management: Rob presents a concrete use case where AI was used to reduce the number of attestations needed to verify employee access roles. By combining redundant roles and automating certain attestations, they significantly reduced manual workload. 3. Vulnerability Management and Secret Detection: Eduardo explains how they used AI models to prioritize and reduce security alerts, based on internal and external data. They also developed a model to detect data leaks, thus reducing false positives and improving overall security. Key Insights: - Interdisciplinary Collaboration: Eduardo stresses the importance of collaboration between data scientists, engineers, and architects to overcome data and AI model integration challenges. - Education and Training: They implemented a two-day training course to raise awareness and educate employees about the importance and applications of AI in cybersecurity. - Academic Partnerships: ING closely collaborates with universities and master's students to integrate the latest academic research into their operations. Technical Details: - Harmonization Algorithm: Rob explains in detail the algorithm developed to combine redundant access roles. Using network techniques and co-membership matrices, they succeeded in simplifying and accelerating the process. - Secret Detection Models: Eduardo describes how they used machine learning models to analyze email metadata and reduce false positives in data leak detection. Practical Implications: The insights shared in this video can be applied in various organizations to improve the efficiency and security of cybersecurity operations. For example, automating attestations and reducing false positives can free up time for analysts, allowing them to focus on more strategic tasks. Additionally, collaborating with universities and students can bring innovative ideas and solutions based on the latest academic research. In conclusion, this video provides valuable insights into AI integration in cybersecurity, highlighting the challenges and successes encountered by ING Bank. It shows how a collaborative and educational approach can lead to significant improvements in identity management, vulnerability detection, and security incident response.