In an era where data is the new oil, organizations are increasingly recognizing security as a core pillar, rather than an add-on.

Spearheading this paradigm shift is generative artificial intelligence, which is fundamentally changing how the enterprise approaches security, according to Mario Duarte (pictured), vice president of security at Snowflake Inc.

“Security is actually a data problem,” he said. “I think generative AI is a different story. GenAI has definitely made us start thinking about how things are being done now. This ability to create unique content based on the data that you’ve provided, these models, has increased velocity.”

Duarte spoke with theCUBE industry analysts John Furrier and Dave Vellante at the Supercloud 3: Security, AI and the Supercloud event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed why security should be approached from a data point of view, as well as the opportunities and challenges presented by AI in the realization of this goal.

GenAI is a double-edged sword

Security experts need to be on their toes, because as much as GenAI is helpful in getting more insights, bad actors will use this cutting-edge technology to their advantage. As a result, being proactive is critical, according to Duarte.

“Imagine having these bad guys using GenAI, where they start looking at public data about you and they start having a conversation with you, maybe online maybe an email, maybe even a phone call that sounds like you,” he pointed out. “Now that presents opportunities for companies and also presents challenges for companies who are trying to defend against it.”

Attaining cross-cloud security is a daunting task because of different shared responsibility models and distinctive APIs. Since Snowflake acts as the “poster child” for supercloud, it continues to enhance the security narrative.

“We were born initially in AWS,” Duarte said in reference to Amazon Web Services Inc. cloud. “As we went through different cloud providers, it’s like learning a new language. Imagine having to drive on the right side one second, and then have to ride on the left side the other second. There’s a concept of a firewall, maybe a security group … you have to do this really quickly, really efficiently and more securely.”

AI will change the anatomy of attacks

Enterprises should not be oblivious to the fact that AI will change the spectrum of attacks. As a result, data will be crucial in detecting anomalies when tackling such attacks, Duarte pointed out.

“I have a blue team, I have a red team, I have different teams that are reporting to me,” he said. “The blue team is protecting the company. Their whole job is to try to figure out what is suspicious activity, what is different about what John did yesterday than what he’s doing today and understanding that you need a lot of data. You can’t be in silos.”

Since zero trust has shifted from being a buzzword to a mandate, out-of-the-box approaches are needed, especially with the advent of AI. That’s because zero trust is paramount in enhanced security, according to Duarte.

“I think it is partial zero trust; I think it’s where we want to go,” he said. “How do I ensure that that laptop belongs to Snowflake or to my company? You want to make sure that the laptop is healthy, even after you get some sort of authentication, even if you’re not using passwords.”

Bad actors are becoming sophisticated to the extent that they are compromising users’ security assertion markup language used by identity providers for authentication purposes. As a result, this trend is putting zero trust in jeopardy, Duarte pointed out.

“What they’re doing is they’re breaking into your laptops and then they scrape your SAML token out of the computer. And they put it on a different computer,” he said. “Where’s your zero trust at that point? You have a machine that’s not trusted. A person who’s not even Mario impersonating Mario with a certificate that’s been signed, a SAML token that’s been signed. It’s game over.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Supercloud 3: Security, AI and the Supercloud event.

Photo: SiliconANGLE