Der Blätterkatalog benötigt Javascript.
Bitte aktivieren Sie Javascript in Ihren Browser-Einstellungen.
The Blätterkatalog requires Javascript.
Please activate Javascript in your browser settings.
itsa 2025 20 itsa Magazine 2025 www markttechnik de Artificial intelligence as the foundation of modern defence strategies From reactive to proactive cybersecurity Artificial intelligence AI is not only becoming increasingly important as a component of current cybersecurity strategies but it also poses risks when used by cybercriminals Reactive strategies are no longer sufficient to counter these risks instead proactive strategies based on AI are needed with new regulatory requirements such as NIS-2 and DORA Without modern AIpowered technology these challenges are almost impossible to meet and overcome AI strengthens the security team through automation and overview This is precisely where artificial intelligence adds value it helps to identify threats more quickly analyse correlations and respond appropriately Modern technologies such as Extended Detection Response XDR use AI to correlate security alerts from various sources filter out false positives and provide a clear prioritised overview This allows attacks to be detected at an early stage and measures to be taken efficiently Machine learning also identifies previously unknown threats based on behavioural patterns Deep learning algorithms analyse phishing emails or expose deepfakes in video conferences And large language models LLMs help to present complex technical information in an understandable way so that even less specialised employees can be involved in security processes Digital twins create predictive security architectures Adecisive step towards proactive security is the use of digital twins for cybersecurity These agentbased AI systems analyse risks in real time validate protective measures and simulate potential attacks without affecting real IT systems Security managers can continuously test their defence strategies identify vulnerabilities and close them in a targeted manner Simulating possible failure scenarios also improves planning reliability for critical systems and increases resilience to disruptions both in IT and OT This transforms selective responses into a predictive security architecture AIbased systems need new protection mechanisms At the same time AI is also changing security requirements Modern workloads are based on GPUs process huge amounts of data and have a modular structure This represents a paradigm shift that brings with it new risks such as data poisoning and adversarial attacks Security measures must therefore cover not only the application level but the entire stack from hardware to cloud environments and APIs to the foundation model This is where a cybersecurity platform approach offers decisive advantages it integrates all securityrelevant components enables consistent monitoring and simplifies management via a central interface Platform thinking as the key to greater resilience Aunified cybersecurity platform such as Trend Vision One brings together data from a wide variety of sources from endpoint network and cloud security to OT systems The platform is based on an agentic AI architecture and uses the specialised large language model “Trend Cybertron” This serves as an intelligent analysis centre that recognises patterns assesses risks and provides wellfounded recommendations for action at the touch of a button As an opensource model Cybertron is also available to the global cybersecurity community promoting the development of autonomous cybersecurity solutions This centralised adaptive platform logic provides the agility By Richard Werner Cybersecurity Platform Lead Europe Trend Micro A Iis now indispensable for any futureproof cybersecurity strategy What began years ago as an addon has long since established itself as an integral part of modern infrastructures It is now difficult to imagine a security solution that does not rely on machine learning deep learning or generative AI The importance of intelligent systems continues to grow especially in the face of highly networked hybrid and increasingly AIbased software architectures They are key to whether companies can effectively align their defences against increasingly sophisticated attacks and build resilience Cybercriminals today operate in a globally networked shadow economy based on the division of labour Hacking services extortion data trading and AIsupported attack automation have long been part of professional business models This is complemented by statesponsored groups with political or economic agendas For companies this means that although they are faced with sophisticated attackers they often have limited resources themselves Small security teams struggle with a multitude of alerts and an evergrowing attack surface They also have to comply