CIO Influence Interview with Carl Froggett, Chief Information Officer (CIO) at Deep Instinct

Carl Froggett, Chief Information Officer (CIO) at Deep Instinct discusses the latest cybersecurity best practices and trends that modern CISOs and security teams should be abreast of in this CIO Influence interview:

_____________

Hi Carl, what made you foray into the cybersecurity and data space?

I began my career in engineering, working for companies like Network Si and Salomon Brothers. Salomon Brothers became part of Citi through M&A, and in the late ‘90s I started working in cybersecurity and transitioning out of more traditional IT roles. As Head of Global Infrastructure Defense, CISO Cyber Security Services at Citi, I oversaw innovation, engineering, delivery, and operations of global platforms for Citi’s businesses and customers worldwide.

After 27 years, I joined Deep Instinct to take on a new challenge and use my experience differently. I was familiar with Deep Instinct and its unique, disruptive deep learning (DL) technology and wanted to be part of something that would be disruptive and usher in a new era of preemptive data security to address the evolving needs of today’s threat landscape.

Also Read: CIO Influence Interview with Ken Brownfield, Head of Engineering at Stackpack

How have cybersecurity trends evolved in recent years?

With the rise of Dark AI, attack methods have evolved and accelerated exponentially, with no signs of slowing down. In the coming years, bad actors will refine and expand AI’s role in malware and ransomware creation, leading to a proliferation of zero-day attacks. These attacks are particularly concerning because they target previously undefended, unknown vulnerabilities. Now, with readily available generative AI tools, bad actors are launching them with alarming regularity and with a sophistication we’d normally only associate with nation states.

Furthermore, the trends we witnessed within the last year, such as rising breaches, higher ransomware payments, and increased data loss, continue to dominate the threat landscape. In fact, research found a 30% increase in global cyber attacks compared to 2023, and AI-generated campaigns have grown in efficacy as a result of advancements in reconnaissance and video and voice generation tools.  The pace of innovation is astounding.

Addressing these advanced threats requires a new approach, we can no longer keep pace with the evolving tactics and techniques, this is a whole new era of cyber security and we an arsenal of preemptive cybersecurity measures, which only deep learning can solve.

What type of cyber threats should modern IT and security teams be more attuned to and how can these teams stay up to date as threats become more sophisticated?

With AI’s accessibility, deepfakes and unknown malware have become increasingly complex. Deepfakes, in particular, are becoming more realistic, simpler, and cheaper to produce, which makes it a challenge for even the most experienced cyber professionals to detect—let alone the general public. Additionally, audio AI tools make simulating executives’ voices effortless, further enabling bad actors to leave fraudulent voicemails for employees. At the same time, attackers are using AI to create unknown malware that can modify its behavior to bypass security solutions, evade detection, and spread more effectively.

To compete, organizations must fight AI with better AI. To defend against AI-generated threats, organizations require solutions powered by a more advanced form of AI, namely deep learning. Only DL, which works like the human brain taking in and synthesizing millions of signals, can recognize never-before-seen threats and stop them before they enter your organization’s infrastructure.

What should IT and cybersecurity teams do to ensure better use of AI in data protection and security?

To maximize AI’s effectiveness in data protection and security, IT and cybersecurity teams must first understand how to differentiate between AI capabilities.

Here’s a simple way to understand the difference between traditional AI/ML and DL using dogs as an example. Traditional AI/ML models recognize familiar features they’ve seen before. If an ML model was trained to recognize dogs based on images and videos of Labs and German Shepherds, it would do a great job of identifying dogs that look like Labs or German Shepherds—big ears, long tails, and pointed noses. However, when the ML model sees a squash-faced Pug or a wrinkly Shar-Pei, it won’t identify them as dogs.

DL models are trained on billions of data points. They don’t just ingest images of Labs and German Shepherds, DL models injest all available images, and the biological DNA of all of them.  DL learning uses all the available data.   This large volume of varied data allows the DL brain to develop a mental model of a “dog.” Its ability to recognize dogs in different forms expands and becomes more flexible. The DL brain understands that dogs can have short, curly tails, stubby legs, and wrinkled faces. Or they can be giant and gangly like Great Danes. It learns what characteristics make something dog-like and can apply its judgment to dogs it has never seen before, like Chihuahuas.

While dogs aren’t data, the same brain-like learning can apply to unknown malicious files. Even when DL encounters malware or mutations it has never seen before, it can still determine that the file is malicious and capable of causing significant damage. This ability to scan data at enterprise scale enables organizations to preemptively detect and stop threats others can’t even find with basic AI/ML technology.

Only DL can proactively prevent known and unknown threats before they breach defenses. This prevention-first approach shifts away from the outdated “assume-breach, detect and respond” mindset—where security teams focus on costly remediation and recovery after breaches occur. Instead, it prioritizes proactive defense, acknowledging that preemptive data security is the only way to truly protect data.

As organizations develop a deeper understanding of AI’s benefits and limitations, they will be better equipped to leverage its full potential and enhance their security posture with a focus on preemptive data security above all else.

Myths around AI and cybersecurity before we wrap up?

As organizations increasingly rely on the cloud to drive their digital transformation, businesses are generating and storing unprecedented amounts of data in the cloud. Unfortunately, there are two big misconceptions about how and who is responsible for protecting that data.

The first is that many organizations mistakenly believe that securing endpoints is enough to protect cloud storage. Not only is this not the case, but it also creates a false sense of security. Endpoint protection is essential, but it should not be the only line of defense to protect data stored in the cloud. In addition to some data bypassing Endpoint Detection and Response (EDR) systems and entering environments without safeguards, EDR and other traditional defenses are faltering in the face of the growing number of AI-driven, zero-day attacks covertly infiltrating systems. EDR tools can only respond once malware is actively executing, leaving a critical gap in cloud storage protection.

The second misconception is that cloud providers guarantee data security. While reputable providers implement safeguards, these apply to the provider’s infrastructure and platform rather than stored data, meaning the organization is responsible for data integrity. Additionally, many cloud providers do not actively monitor files for tampering or corruption, nor do they proactively fix misconfigurations, allowing potential threats to go unnoticed.

Only once organizations understand the limitations of endpoint protection and recognize their organization’s role in ensuring file integrity can they preemptively protect their most valuable asset – data – and take control of their cloud storage.

Catch more CIO Insights: Why Your LLM Needs a Knowledge Graph (GraphRAG)?

[To share your insights with us, please write to psen@itechseries.com ]