Liz Stokes
You're listening to the CyberWire network powered by N2K.
Gianna Whitfer
Gianna Whitfer here, co-host of the Breaking Through in Cybersecurity Marketing podcast on N2K CyberWire Network. Here to interrupt your Thanksgiving break with just one little ad. We are hosting Cyber Marketing Con, a conference for marketers and go-to-market in the business side of cybersecurity, this December 8th through 11th in the beautiful city of Philadelphia, Pennsylvania, and also virtually. Get your ticket at cybermarketingconference.com or through our main website, cybersecuritymarketingsociety.com.
Dave Buettner
Hey everybody, Dave here. I want to talk about our sponsor, LegalZoom. You know, I started my first business back in the early 90s and oh, what I would have done to have been able to have the services of an organization like LegalZoom back then. Just getting all of those business ducks in a row, all of that technical stuff, the legal stuff, the registrations of the business, the taxes, all of those things that you need to go through when you're starting a business, the hard stuff, the stuff that sucks up your time when you just want to get that business launched and out there. Well, LegalZoom has everything you need to launch, run and protect your business all in one place, and they save you from wasting hours making sense of all that legal stuff. Launch, run and protect your business to make it official today at legalzoom.com. You can use promo code CYBER10 to get 10% off any LegalZoom business information product, excluding subscriptions and renewals. That expires at the end of this year. Get everything you need from setup to success at legalzoom.com and use promo code CYBER10. That's legalzoom.com and promo code CYBER10. LegalZoom provides access to independent attorneys and self-service tools. LegalZoom is not a law firm and does not provide legal advice except where authorized through its subsidiary law firm LZ Legal Services LLC.
Rick Howard
Hey everybody. Welcome back to season 15 of the CSO Perspectives Podcast. This is the last episode of the season where we turn the microphone over to some of our regulars who visit us here at the N2K CyberWire Hash Table. You all know that I have a stable of friends and colleagues who graciously come on the show to provide us some clarity about the issues we're trying to understand. At least that's the official reason we have them on the show. In truth though, I bring them on to hip-check me back into reality when I go into some of my more crazier rants. We've been doing it that way for almost four years now, and it occurred to me that these regular visitors to the Hash Table were some of the smartest and well-respected thought leaders in the business. And in a podcast called CSO Perspectives, wouldn't it be interesting and thought-provoking to turn the mic over to them for an entire show to see what's on their mind? We might call the show Other CSO Perspectives. So that's what we did. Over the break, the interns have been helping these Hash Table contributors get their thoughts together for an entire episode for this podcast. So hold on to your butts. Hold on to your butts. This should be interesting. My name is Rick Howard and I'm broadcasting from the N2K CyberWire's Secret Sanctum Sanctorum studios, located underwater somewhere along the Patapsco River near Baltimore Harbor, Maryland, in the good old US of A. And you're listening to CSO Perspectives, my podcast about the ideas, strategies, and technologies that senior security executives wrestle with on a daily basis. Caroline Wong is the Chief Strategy Officer for Cobalt, a pen test as a service company where she has worked for over eight years. She's kind of a unicorn in that regard, but over the years she's held senior security positions in companies like eBay, Cigital, and Symantec. 
I first ran into her when the Cybersecurity Canon Project inducted her book Security Metrics: A Beginner's Guide into the Hall of Fame a couple of years ago. I immediately reached out to ask her to join the CyberWire Hash Table crew. Well, she's been writing a new book on cybersecurity AI, and I thought it would be interesting to let her talk about the mechanics of writing a cybersecurity book and outline her initial thoughts about what topics might go into a book of that sort.
Liz Stokes
Here's Caroline. I'd like to start off today by thanking Rick Howard for inviting me to join CSO Perspectives. It's an honor to be a part of this series, which I've long admired for its thoughtful exploration of the ideas and challenges shaping our industry. I'm excited to share my perspective and contribute to the ongoing dialogue about cybersecurity resilience. I'm Caroline Wong, cybersecurity author, educator, and advocate for resilience in the face of digital threats. Today I'm sharing about something very personal: my journey writing my second book. It's tentatively titled Beyond: How AI and Cybersecurity Are Defining the Future of Resilience. My first book, Security Metrics: A Beginner's Guide, was published in 2011 and inducted into the Cybersecurity Canon Hall of Fame in 2022. Writing a book is challenging, but also deeply rewarding, and I want to give you an inside look at how this new project came to life. We'll explore the mechanics of writing a cybersecurity book, the key themes I'm covering, and why I believe this topic is critical for the future of our field. But more than that, I'm asking you for your input. If this resonates with you, I want to know: what questions, challenges and insights do you think should make it into the final manuscript? Let's start with the mechanics of book writing, particularly in the world of cybersecurity. Most infosec professionals I've spoken to feel like they have a book in them. Maybe it's a collection of war stories from the SOC, a deep dive into threat modeling, or a manifesto about a better way to do security. Whatever the topic, writing a book is less about having something to say and more about the discipline of saying it. For me, the process begins with an outline. I presented the framework for this book to my publisher, Wiley, earlier this year. The key was showing them not only that AI and cybersecurity are timely and important topics, but that there's a unique angle worth exploring: how AI redefines resilience. 
After the outline is going to come months of research, writing and revisions. Unlike my first book, which focused on practical metrics for demonstrating cybersecurity ROI, this one is forward-looking, combining technical concepts with strategic insights. I expect to be constantly seeking feedback from peers, collaborators and this podcast audience because I believe the best ideas come from collaboration. AI is reshaping cybersecurity in ways that we couldn't have imagined a decade ago. It is kind of like a dual-edged sword, offering unparalleled advantages for defenders while also empowering attackers. This dynamic makes resilience more important and more complex than ever before. Here's an outline of my book, which I hope serves as both a guide and a provocation for what's ahead. Number one: AI as a weapon for cybercriminals. Adaptive malware, polymorphic attacks and AI-driven phishing campaigns are making traditional defenses obsolete. AI allows attackers to scale operations with precision, crafting hyper-personalized social engineering campaigns that evade classic detection. Number two: AI as a tool for cyber defenders. AI's data processing capabilities and how they enable real-time threat detection and anomaly analysis. Patterns-of-life analysis, where AI learns about normal behavior and flags deviations, has become a game changer for proactive defense. But AI isn't foolproof. We'll also need strategies for defending our models from adversarial attacks. And of course, number three: ethics, oversight and adaptation. As we deploy AI in security, we must balance automation with human oversight, ensuring fairness, privacy and compliance. Ethical AI isn't just a buzzword. It's a necessity for maintaining trust and mitigating unintended consequences. I think one of the things that fascinates me the most is AI's dual role. It is both a vital defense mechanism and a potent weapon for adversaries. 
Understanding this particular tension is key to building the next phase of cyber resilience. Take AI-powered ransomware, for example. Attackers are using AI to refine their attacks, making their operations faster and harder to detect and to disrupt. And on the flip side, defenders are using AI to try and predict and also thwart and even block these attacks before they happen. Resilience in this context means preparing for worst-case scenarios while building systems that are capable of both recovery and adaptation. It's no longer just about stopping threats, it's about evolving with them. So here's where you come in. The book is still a work in progress and I would really like your input. What challenges are you facing as AI transforms the threat landscape? Are there specific use cases, either on the offensive or the defensive side, that you think deserve more attention? What kind of ethical dilemmas and regulatory questions are on your mind? You can reach out to me on LinkedIn or through this podcast's channels. Your feedback could help me shape this book and ensure that it addresses the real-world issues that cybersecurity professionals are grappling with today. To make these ideas tangible, I plan to include case studies in the book. Here are what some of those might look like: a global enterprise using predictive analytics to reduce ransomware risks; an incident where adversarial machine learning disrupted a key AI defense system and how that organization rebounded; lessons learned from AI-driven automation in incident response, where minutes and seconds can mean the difference between containment and catastrophe. I'm also outlining practical strategies for integrating AI into cybersecurity programs, balancing automation with human expertise, and building resilient teams that are equipped to handle AI-driven threats. Writing this book isn't just about sharing what I know, it's about helping to equip the cybersecurity community for what's coming next. 
AI isn't just.
Rick Howard
And that's our show. Well, part of it. There's actually a whole lot more. And if I do say so myself, it's all pretty great. But before we get to the credits, I have one more announcement to make. Aside from the annual end-of-year webinar called CSO Perspectives Live on the 19th of December at 2pm EST, this is my last show for the CSO Perspectives podcast. That's right, I'm hanging up the Rick the Toolman tool belt after four years, and it's been a great run, but you know, it's time to move on to other things. I've told my CyberWire origin story a lot over the last four years, but here it is one last time. You all know that I've been a fan of podcasts long before we even started calling them podcasts, and one of my duties at my last CSO gig was evangelizing the product. So I got the opportunity to go on the CyberWire shows and hawk our wares on a podcast. I know, I was in hog heaven. That's when I got to know Dave Buettner, Peter Kilpie, and the rest of the CyberWire gang. When I left the CSO gig back in 2019, I thought I was going to retire, and as a joke, I sent Peter a note saying he should let me do a podcast. I didn't even expect that he would answer me, but the next day he called and said I should come work for him, which I did. And like I said before, it's been a blast. And at the end of my time here, I can't tell you how fortunate I feel about the opportunity I had here. Rarely as an infosec professional do you get the chance to do nothing but think, reflect, write, and in this case, record my thoughts on everything that's happened in cybersecurity in the last 30 years and test out my ideas about how we could make it better. The result of that contemplation was our Cybersecurity First Principles book, which I'm very proud of, in which the first draft of those ideas came from this podcast. And I couldn't have done any of that without the crew here at the CyberWire that supported me and all of my crazy ideas. 
Jen is our producer extraordinaire and my partner in crime. I love you, Jen. Elliot, our sound wizard, and Trey, his clone. Their music and editing made what I wrote sound way more important than it really was. Bennett, our sales guy, he and his team said, wait, you want to do what? Yeah, I can sell that. Brandon, our jack-of-all-trades biz guy who actually found the way to make the biz profitable and was, by the way, one of the editors to the book. So thanks for doing that, Brandon. It was way better because you were on that project. Dave, the best podcast host on the planet, bar none. He and I got to do so many great things together, but without him it wouldn't have worked at all. And Peter, who took a chance on a senior security pro who couldn't even spell podcasts three times out of five, let alone make one. And everyone else at the CyberWire who I didn't get a chance to mention here. Not to mention the outside crew of thought leaders who would graciously come on the CyberWire Hash Table to help us understand something. I love you all very much and consider it an honor to be your friend. So, as we let the interns return to their homes for the first time in years and close the door to the sanctum sanctorum one last time. No, no, no, Kevin, it's lefty loosey, righty tighty to lock the outer hatch. Even after all this time, you still have to watch them like a hawk. Anyway, it's time to say goodbye to all the listeners out there. Thank you. Thank you for joining me on this journey. It has been a pleasure and I will see you down the road. CSO Perspectives is brought to you by N2K CyberWire, where you can find us at the CyberWire. For this episode, I've added some helpful links in the show notes to help you do more of a deep dive if that strikes your fancy. And don't forget to check out our book Cybersecurity First Principles: A Reboot of Strategy and Tactics that we published in 2023. 
Automation as a first principle strategy is a key concept that runs all through that book. But I can see that whenever I get around to writing that second edition, AI might be an entire subsection of that chapter. And by the way, we'd love to know what you think of our show. Please share a rating and review in your podcast app, but if that's too hard, you can fill out the survey in the show notes or send an email to csop@n2k.com. We're privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector. From the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies, N2K makes it easy for companies to optimize your biggest investment: your people. We make you smarter about your teams while making your teams smarter. Learn how at n2k.com. One last thing: here at N2K, we have a wonderful team of talented people doing insanely great things to make me sound good. And since I'm at the end of my tenure here at the CyberWire, I think it's only appropriate that you know who they are.
Liz Stokes
I'm Liz Stokes. I'm N2K CyberWire's Associate Producer.
Rick Howard
I'm Trey Hester, audio editor and sound engineer.
Liz Stokes
I'm Elliot Peltzman, Executive Director of Sound and Vision. I'm Jennifer Iban, Executive Producer.
Dave Buettner
I'm Brandon Karf, executive editor. I'm Simone Petrella, the president of N2K.
Rick Howard
I'm Peter Kilpie, the CEO and publisher at N2K. And I'm Rick Howard. Thanks for your support. Everybody listening.
Dave Buettner
And now a word from our sponsor, NordPass. NordPass is an advanced password manager from the team behind NordVPN, designed to help keep your business safe from data leaks and cyber threats. It gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords. Right now, you can go to www.nordpass.com/cyberwire for 35% off the NordPass business yearly plan. Don't miss out on that.
CyberWire Daily Podcast Summary
Episode Title: So You Want to Write a Book about AI and Cybersecurity? [CSO Perspectives]
Host/Author: N2K Networks
Release Date: November 25, 2024
In this episode of CyberWire Daily, host Rick Howard welcomes Caroline Wong, Chief Strategy Officer for Cobalt and a respected cybersecurity author, to discuss her forthcoming book on the intersection of Artificial Intelligence (AI) and cybersecurity. This episode delves into Caroline's insights on the mechanics of writing a cybersecurity book, the pivotal themes she explores, and the critical role AI plays in shaping the future of cyber resilience.
Rick Howard introduces Caroline Wong, highlighting her extensive background in cybersecurity with notable positions at eBay, Cigital, and Symantec. Caroline's first book, Security Metrics: A Beginner's Guide, was inducted into the Cybersecurity Canon Hall of Fame in 2022. She is currently working on her second book, tentatively titled Beyond: How AI and Cybersecurity Are Defining the Future of Resilience.
Caroline Wong shares her personal journey in authoring her second book. She emphasizes the challenges and rewards of writing, particularly in the rapidly evolving field of cybersecurity.
“[00:05:20] Caroline Wong: Writing a book is less about having something to say and more about the discipline of saying it.”
Caroline outlines her structured approach to writing, starting with a comprehensive outline presented to her publisher, Wiley. This foundation underscores the importance of demonstrating the timely and significant impact of AI on cybersecurity resilience.
Caroline delves into the main themes of her upcoming book, each addressing critical aspects of AI's role in cybersecurity:
AI as a Weapon for Cybercriminals
“[00:07:15] Caroline Wong: AI allows attackers to scale operations with precision, crafting hyper-personalized social engineering campaigns that evade classic detection.”
AI as a Tool for Cyber Defenders
“[00:10:45] Caroline Wong: AI's data processing capabilities enable real-time threat detection and anomaly analysis, which has become a game changer for proactive defense.”
Ethics, Oversight, and Adaptation
“[00:12:10] Caroline Wong: Ethical AI isn't just a buzzword. It's a necessity for maintaining trust and mitigating unintended consequences.”
Caroline discusses the dual-edged nature of AI in cybersecurity, acting both as a potent defense mechanism and a powerful tool for adversaries. She underscores the importance of understanding this tension to build resilient cyber systems.
“[00:11:30] Caroline Wong: AI is both a vital defense mechanism and a potent weapon for adversaries. Understanding this tension is key to building the next phase of cyber resilience.”
AI-Powered Ransomware: She provides examples of how attackers leverage AI to enhance ransomware attacks, making them faster and harder to detect, while defenders use AI to predict, thwart, and block these threats proactively.
Caroline invites the cybersecurity community to contribute to her book by sharing their challenges, use cases, and ethical dilemmas related to AI in cybersecurity. She emphasizes the collaborative nature of her work, aiming to address real-world issues faced by professionals in the field.
“[00:09:50] Caroline Wong: Your feedback could help me shape this book and ensure that it addresses the real-world issues that cybersecurity professionals are grappling with today.”
To provide tangible insights, Caroline plans to include various case studies in her book:
Additionally, she outlines strategies for integrating AI into cybersecurity programs, balancing automation with human expertise, and fostering resilient teams equipped to handle AI-driven threats.
Caroline Wong's upcoming book promises to be a comprehensive exploration of how AI is transforming the cybersecurity landscape. By addressing both offensive and defensive applications of AI, ethical considerations, and practical strategies, the book aims to equip cybersecurity professionals with the knowledge and tools necessary to navigate and enhance cyber resilience in an AI-driven future.
Notable Quotes:
Final Thoughts
This episode provides valuable insights into the intricate relationship between AI and cybersecurity. Caroline Wong's expertise and forward-thinking approach offer a roadmap for professionals seeking to enhance their understanding and strategies in an era where AI is both an asset and a challenge in the cybersecurity domain.