In a recent interview with CIO&Leader, Kim Anstett, CIO of Trellix, discussed the growing cybersecurity challenges posed by GenAI, which threat actors use to craft effective phishing emails, discover code vulnerabilities, and write malicious code more efficiently.
Kim Anstett leads the Enterprise Technology and Operations organization at Trellix, where she oversees the development and execution of a technology strategy aimed at enhancing efficiency, flexibility, and transformation to advance the company’s vision.
With over 25 years of industry experience, Kim has a proven track record of driving innovation and guiding teams.
Before joining Trellix, she served as Executive Vice President and Chief Technology Officer at Iron Mountain and CIO at Nielsen, focusing on product development, innovation, and cybersecurity. Kim serves also on the Board of Directors for Quotient Technology.
She highlighted the importance of regular employee training and comprehensive cyber risk management frameworks, noting that well-trained employees are essential to narrowing the human error gaps in cybersecurity.
CIO&Leader: Looking ahead, what emerging cyber threats do you foresee impacting organizations in the near future?
Kim Anstett: The adoption of GenAI by threat actors poses new threats and challenges for organizations to address, like threat actors using it to craft better phishing emails, find vulnerabilities in code, and write code faster and better to deliver their attacks. Additional challenges include accidental leakage of company IP into these tools, concerns about bias or “poisoned” training data, and the unknown regulatory and privacy challenges that may arise with these tools.
While addressing emerging cyber threats, we cannot lose sight of existing ones, including:
- Nation-state attacks and the spread of disinformation, especially during election times.
- Ransomware remains the greatest threat to global small and medium-sized businesses (SMBs) and public sector businesses. Combined with GenAI, the opportunity for business impact, downtime, and economic loss is very real.
- Supply chain attacks remain a big problem, with organizations increasingly struggling to manage the broad attack surface.
CIO&Leader: Could you elaborate on the role of artificial intelligence (AI) in enhancing cybersecurity measures across various sectors? How is AI being leveraged to mitigate cyber threats effectively?
Kim Anstett: The AI agent ecosystem will play a central role in running enterprises and facilitating conversations between businesses, offering enhanced intelligence and adaptability beyond traditional enterprise services.
Security agents will allow us to:
- Develop “Expert” chatbots to help analysts throughout the investigative lifecycle.
- Improve correlations and pattern recognition across security events.
- Create human-readable summarizations of complex log data or investigations.
- Auto-generate response playbooks to remediate threats.
CIO&Leader: Addressing human error is crucial in minimizing cybersecurity risks. From your perspective, what strategies or best practices can organizations adopt to reduce instances of human error in cybersecurity?
Kim Anstett: Organizations should invest in employee training on a regular cadence. You can have the technologies and processes in place, but if your people aren’t properly onboarded and trained on the technology, processes, or best practices for maintaining security hygiene, you have a problem. Knowledge is power, and training is essential for helping to narrow the human error gaps in cybersecurity.
CIO&Leader: What is your evaluation of the present status of cybersecurity legislation and regulation, and how effective do you find it in responding to the dynamic challenges posed by the evolving cyber threat landscape?
Kim Anstett: It’s important the private and public sectors work together to solve the dynamic challenges posed by the evolving cyber threat landscape. Policymakers are trying to develop regulations that mitigate risk while driving innovation, ensuring the safety and privacy of U.S. citizens, like with the recent Biden AI Executive Order. This Administration also requires proof of use of the NIST Secure Software Development Framework when purchasing products to be used on U.S. Federal networks to help improve the cybersecurity of products, requiring vendors to ensure their software is produced with security in mind from the ground up.
CIO&Leader: In light of the rapidly evolving cybersecurity landscape, how do you perceive the current challenges and opportunities for enterprises?
Kim Anstett: With the increased frequency and sophistication of attacks, enterprise security teams are often overwhelmed. Coupled with the continued talent gap and endless sea of disconnected tools and alerts, it’s time for technology to meet CISOs and their teams where they are. We can enhance cybersecurity efficiency by providing open platforms, integrated capabilities, and AI security agents for streamlined operations, advanced detection and event correlation, malware analysis, and auto-generated response playbooks.
CIO&Leader: What strategies and best practices do you recommend for protection against cyber threats?
Kim Anstett: First and foremost, educate your employees. Institutionalizing cyber risk management frameworks (like NIST) will help to strengthen overall cyber resilience and drive better cybersecurity outcomes. Assess your current ecosystem, identify where the gaps exist, and then solve for those gaps. Make sure you have the correct people, processes, and technology in place.
And, of course, make sure your technology aligns with your goals and utilize its full capabilities. Implementing an XDR Platform provides the optimal foundation to protect and streamlines the administration of multiple tools and technology.