Artificial Intelligence & Machine Learning
,
Cloud Security
,
Next-Generation Technologies & Secure Development
Forrester Report Highlights Generative AI’s Influence on Cloud Security
For years, cloud security has been playing catch up. Traditional security tools, built on static rule sets and signature-based detection, are struggling to keep pace with the scale and sophistication of modern cloud threats. To counter this, security leaders are turning to generative AI for intelligence-driven security that can predict, detect and respond to threats in real time.
Gen AI is poised to boost security for cloud infrastructure-native and third-party security solutions and software-as-a-service, or SaaS app security, according to a Forrester report.
“Gen AI has an impact on the response side of things, so being able to generate scripts, understand how you could fix problems – that’s probably the biggest area of benefits that we see out there,” Andras Cser, vice president and principal analyst for security and risk management at Forrester Research, and lead author of the report, told Information Security Media Group.
LLMs and GANs to Boost Cloud Security
One of the most impactful advancements is AI-driven multi-signal intelligence. Where legacy security models process individual security signals in isolation, gen AI ingests, correlates and contextualizes data from diverse sources – including endpoint telemetry, network traffic, encrypted communications and even dark web intelligence. This holistic approach allows for more precise threat detection, reducing false positives and ensuring that security teams focus on the most critical threats.
Gen AI algorithms are generally used in identity and access management, security analytics, security information and event management, or SIEM, and fraud management, including detection of deepfakes and other AI-generated cyberthreats. Forrester expects cloud security solutions will use LLMs for copilots and detection; large transaction models for threat detection; and generative adversarial networks to counter AI-driven attacks by pitting AI against AI.
Cloud workload security providers are integrating gen AI to enhance threat detection and response, the report said. The technology will strengthen cloud infrastructure policy enforcement, automate remediation and policy recommendations and improve query response generation for security investigations. It also will streamline network policy creation and guest OS-level threat detection, enabling proactive defense against evolving threats.
Gen AI Aids Shadow SaaS Detection
“We see certain aspects of gen AI being applied in this space – particularly in understanding how applications, especially SaaS platforms, connect and interact,” Cser said.
As SaaS configurations get more complex and interconnected, human insight and traditional rules-based methods for detecting cloud risks lose effectiveness. Forrester expects that gen AI will make its largest contributions to cloud security in shadow and sanctioned SaaS application detection and risk assessment; data security posture management enhancements; copilots for policy management, investigation and reporting.
While “detection is relatively straightforward and deterministic,” he said, “the real challenge lies in remediation – addressing over-permissioned or misconfigured environments in a controlled and efficient way. This is where gen AI can provide the most value, by automating corrective actions and optimizing security postures.”
Gen AI Promises to Lower Costs
Beyond its security benefits, gen AI could reshape the economics of cybersecurity operations. Security teams are often stretched thin, dealing with an increasing number of alerts, compliance requirements and sophisticated adversaries. By automating time-consuming tasks such as threat detection, policy generation and remediation, gen AI frees up security teams to focus on strategic initiatives.
“It is essentially another way of gaining better insights into labor and conducting that labor,” Cser said. For organizations grappling with shrinking budgets and increasing workloads, this is a game-changer.
The Forrester report also highlighted its role in discovering cryptographic algorithms and key exchanges – areas where human expertise is traditionally resource-intensive.
The Risks of Gen AI in Cloud Security
Governance is a significant hurdle. Gen AI models are more complex than traditional AI systems, making them harder to govern. Intellectual property protection, privacy safeguards and the risk of hallucinations are pressing concerns. “The explainability of gen AI and the quality of its decisions are not as robust as they need to be,” he said.
Gen AI systems are also vulnerable to adversarial attacks. Model poisoning and exploitation risks could undermine the integrity of these systems, potentially allowing attackers to manipulate security measures.
“Avoiding hallucinations and ensuring decision quality are prerequisites for cloud security professionals wanting to use gen AI in production,” Cser said.