AI-based threat intel consolidates data into single platform: Verizon Business exec
Cybersecurity is an ever-evolving field, with new threats and technologies emerging regularly. Artificial Intelligence (AI) is becoming essential for organisations to detect and address modern cyber risks. Verizon Business, a division of Verizon Communications, provides enterprise solutions in cloud services, cybersecurity, networking, and communication technologies. It serves various industries with managed services, business mobility, and advanced data analytics.
In an interview with TechCircle, Anshuman Sharma, Director of VTRAC Cybersecurity Consulting Services at Verizon Business, discussed how the company uses AI in cybersecurity, tackles threats like phishing and AI-driven scams, and adapts to the impacts of 5G and edge computing while supporting digital transformation. Edited excerpts:
How does your company integrate AI into its cybersecurity solutions, and what advantages does it provide in detecting and countering modern cyber threats?
AI brings both positive and negative aspects, particularly in the realm of response and defense. On the positive side, AI is being utilised for rapid threat detection, significantly enhancing security measures.
One key technology is endpoint detection and response (EDR), which provides detailed visibility at the endpoint level. EDR has essentially become the modern equivalent of antivirus solutions, now a critical component of endpoint security for organisations.
At the network level, machine learning algorithms—both supervised and unsupervised—are employed in network detection and response (NDR) systems. These algorithms excel in anomaly detection, such as identifying unusual network spikes. They learn from the environment, enabling them to predict and alert on suspicious activities. Additionally, these systems can take proactive measures to mitigate potential threats.
AI is also revolutionising threat intelligence by consolidating data from multiple providers into a single platform. With an overwhelming volume of threat intelligence being shared, AI helps organisations aggregate and map this information against their specific threat profiles. This integration supports cyber risk quantification, enabling real-time assessment of the risks faced. AI not only automates routine tasks but also enhances predictive analysis, helping organisations prepare for and respond to potential incidents.
For incident and data breach responses, defenders and responders are leveraging tools like EDR, AI-powered threat intelligence, and NDR systems. These technologies collectively strengthen security by enabling faster detection, informed decision-making, and proactive defense strategies.
Where do you see the cybersecurity industry heading, and how is AI impacting it?
AI is quickly becoming a necessity that organisations cannot avoid. One of the key challenges with AI today is its inability to "unlearn": once it has been trained, reversing that learning is complex. Despite this, most organisations are increasingly comfortable with implementing AI-powered tools, as these significantly enhance operations.
AI-powered threat intelligence, for instance, helps organisations prepare more effectively, improves efficiency, and accelerates processes like prevention and response. This includes advancements in endpoint detection and response, where AI-driven systems are gaining widespread confidence. As cybercriminals leverage AI for phishing campaigns, automated malicious code creation, deepfakes, CAPTCHA breaking, and convincing email generation, organisations must adopt AI to counter these threats effectively.
Modern AI tools benefit from the abundance of data now available for model training, overcoming previous limitations. These tools integrate seamlessly within environments, enhancing Security Operations Center (SOC) capabilities. The shift has evolved from simple monitoring and response to automation and predictive analytics. This evolution allows for faster, more proactive responses to the rapidly changing threat landscape.
Predictive analytics, a core feature of modern AI tools, is critical for defense and response. It enables organisations to respond at a pace that matches the speed of evolving cyberattacks, making AI an essential element for enterprise cybersecurity moving forward.
With the rise of generative AI, phishing and impersonation scams have increased. How do you help businesses take key steps to protect themselves?
AI-driven hyper-personalised phishing campaigns are a growing concern, as attackers use social media and public records to craft convincing emails tailored to individuals. These emails often mimic a person’s writing style and incorporate personal details to create emotional connections, increasing their chances of success.
To address this, businesses must adopt a multi-layered defense strategy. While tools that detect deepfakes by analysing facial expressions and eye movements are helpful, ongoing security training is critical. Users need to recognise AI-driven communication styles and emotional manipulation used in phishing attacks.
Moreover, businesses should implement least privilege access controls and a zero-trust model to secure identities, endpoints, and networks. Strong gateway detection systems are essential, but training employees to avoid phishing attempts, especially those in high-risk departments, is key to reducing risk. Tailored, department-specific training is crucial for protecting against targeted threats.
On the technological front, enforcing strict access controls and zero-trust principles like network segmentation can minimise damage from successful attacks. A layered approach, combining prevention, awareness, and strict access controls, is necessary to limit the impact of phishing campaigns. Many organisations are already moving toward these strategies for better protection.
How do you see technologies like 5G and edge computing impacting cybersecurity in the future, both in terms of benefits and potential risks for enterprises?
Edge computing primarily aims to bring computation closer to the user to improve the overall experience. However, this shift comes with its own set of risks.
At its core, the principles remain the same. Just like when we moved to the cloud, where the cloud itself became a key focus, the security assessments around edge computing are fundamentally similar to those in data centers. The focus is still on identity protection, securing data at rest, in transit, and while it’s in use.
Whether it’s 5G or edge computing, the challenges don’t change. The main difference is that the computation, which traditionally happened at a central location, is now being moved to the edge. As more data moves to the edge, AI plays an increasingly important role, especially in areas like anomaly detection.
For instance, consider a simple example: when you open a PDF file, the expected behaviour is that Adobe Acrobat will open it. But if, in addition to Adobe Acrobat, you notice a Chrome browser or Internet Explorer also opening in the background, that’s unusual behaviour. It suggests that, along with the PDF reader, there’s an unexpected connection happening, like a triggered Internet connection on an unusual port.
These are examples of anomaly detection, and with edge computing, such security measures are being implemented not just centrally but also at the edge.
How is your company supporting digital transformation for businesses, particularly in sectors like manufacturing and retail, while also addressing cybersecurity concerns?
We've been emphasising the importance of cyber risk quantification to our customers—if you can’t measure it, you can’t protect it. As businesses undergo digital transformation, especially in manufacturing, new risks emerge with the rise of cloud, Internet of Things (IoT), AI, and machine learning.
Key strategies for protection include Secure by Design, ensuring security is built into systems and architecture from the start, particularly when managing access between IT and IoT. Cyber Risk Quantification is essential for assessing and prioritising risks, focusing on the most critical areas. Strong Authentication and Access Control are vital, with multi-factor authentication (MFA) as a baseline and a shift toward passwordless security.
Creating a Cybersecurity Culture is necessary for ensuring that everyone in the organisation takes responsibility for security. Along with this, Risk Assessment is needed to properly quantify and address risks. Finally, Threat Intelligence and Continuous Monitoring help organisations stay ahead of evolving threats, using AI-driven insights.
While many organisations are adopting these practices, implementation is often slow. We see gaps in areas like MFA and EDR, creating silos in security efforts. For effective protection, prioritise key departments and assets first, then expand security measures throughout the organisation as part of the digital transformation.
What cybersecurity trends or threats do you foresee dominating in the next five years, and how well is your company prepared to address them?
Cybersecurity is facing several key trends. Ransomware, particularly through Ransomware-as-a-Service (RaaS), continues to rise. In this model, malware developers sell sophisticated zero-day ransomware to hacker groups, who then use it for attacks. Subscriptions to RaaS offer varying models, including monthly payments, profit-sharing, and technical support. This trend has been steadily increasing since 2019, with a 24% rise in incidents this year.
Phishing attacks have also surged, becoming a primary method for cybercriminals to target individuals. As we live in an increasingly connected world, the security of IoT devices is more important than ever. With so many IoT devices creating potential vulnerabilities, there’s a growing need for better protection.
Quantum computing is another concern, with claims that it could soon break encryption methods like AES. Although still in early development, quantum computing may undermine current encryption in the next 5-7 years. Cloud security also remains a focus, as businesses continue to adopt cloud services, highlighting the need for stronger security practices.
Finally, AI and machine learning are changing cybersecurity, both as tools for attackers and defenders. On the defensive side, AI is being used to enhance security automation and threat detection. The adoption of Zero Trust security models, which protect identities, networks, and systems through continuous monitoring, will also grow as more organisations move toward this framework for better protection.