Palo Alto Networks executives Jas Sood and Sam Rubin have underscored the accelerating pace of cyber threats fueled by advancements in artificial intelligence (AI) and automated tools. Speaking in a recent interview, they highlighted the challenges organizations face in keeping up with increasingly sophisticated attacks that can overwhelm traditional security measures.
Sood, who serves as president of strategics west and U.S. healthcare at Palo Alto Networks, emphasized that threat actors are leveraging AI to enhance their capabilities, enabling them to conduct reconnaissance and execute attacks at unprecedented speeds. “Adversaries have the ability to scale reconnaissance, access and the impact of attacks,” he noted. This rapid evolution complicates the defense landscape, particularly as many organizations deploy a multitude of security tools that often generate disparate data.
Rubin, the senior vice president of consulting and threat intelligence at Unit 42, Palo Alto Networks, elaborated on how this “tool sprawl” hampers effective detection and response. He indicated that the data produced by various security tools frequently lacks alignment, hindering analysts’ ability to act swiftly. “Analysts receive logs and telemetry they can’t act on quickly because systems don’t connect. This gap hides early signals and delays containment,” he explained.
The urgency of the situation is underscored by alarming statistics. Rubin revealed that in one out of five incident response investigations conducted by Palo Alto Networks, data exfiltration is detected in under an hour. This reality presents a stark reminder of the critical need for organizations to enhance their threat detection measures.
During the interview, Sood and Rubin discussed the potential of AI technology to address some of these challenges. They pointed out that AI can help correlate events across different systems, thereby improving the overall situational awareness of security teams. This capability could significantly reduce response times and enhance the effectiveness of incident management.
Identity remains a key vulnerability in many organizations, with Sood noting that it continues to be the most common entry point for attackers. The emphasis on identity security is not just a best practice; it has become a fundamental component of a robust cybersecurity strategy, especially as the attack surface expands.
As the landscape of cyber threats evolves, organizations are increasingly recognizing the importance of integrating their security tools and leveraging AI capabilities to create a cohesive defense strategy. The challenges posed by rapidly advancing threats necessitate a fundamental rethinking of how cybersecurity is approached.
Sood leads revenue growth, customer strategy, and go-to-market execution for some of the largest Fortune 500 clients and healthcare providers in the U.S., while Rubin has over two decades of experience in cybersecurity, having built and scaled global incident response teams and investigated high-impact cyber events, including ransomware attacks and state-sponsored intrusions.
The ongoing dialogue around AI’s role in cybersecurity is critical as organizations face a barrage of threats that continually evolve. As Sood and Rubin noted, the integration of advanced technologies will be essential not just for detection but for understanding the broader implications of cyber threats on organizational resilience and data integrity.
