Tag: AI cybersecurity

Categories
DTQ Events

Report: Transitioning to Agentic Cyber Defense

/home/u825148967/domains/quotients.com/public_html/wp-content/themes/twentytwenty/template-parts/featured-image.php on line 28
https://quotients.com/dtq/report-transitioning-to-agentic-cyber-defense/">
Categories
DTQ Events

Report: Transitioning to Agentic Cyber Defense

Introduction

DTQ recently convened a specialized session, “Transitioning to Agentic Cyber Defense to Counter Autonomous Threats,” to explore the evolution of defensive strategies in an era of self-evolving adversarial tactics. The online discussion framed “agentic defense” not merely as an upgrade in tooling, but as a strategic pivot from reactive, signature-based controls toward autonomous systems capable of reasoning and adapting within defined risk parameters.

The Speakers

The panel featured a cross-disciplinary group of leaders representing the financial, industrial, and consulting sectors:

  • Anindya Chatterjee — Assistant Director, EY Global Consulting Services
  • Pulkit Vohra — Senior Data Privacy Manager, Top UAE Financial Institution
  • Mohamed A. S. — AI Governance Architect
  • Sandeep Bansal — CIO, Aone Steel India Ltd
  • Sandeep Singh — Senior Manager, Genpact

Key Insights

The Changing Threat Landscape

  • Lowered Barriers to Entry: AI and automation allow low-skill actors to execute high-sophistication attacks. Phishing and credential harvesting are becoming indistinguishable from human activity.
  • Compressed Response Windows: The primary vulnerability is no longer just the “bad decision,” but the “unquestioned execution” of rapid, automated attacks.
  • Cognitive Overload: Traditional SOC workflows are structurally incapable of managing the current volume of alerts; governed automation is now a survival requirement.

Principles of Agentic Defense

  • Bounded Autonomy: Systems must operate within “guardrails.” High-confidence, low-risk actions can be fully automated, while high-impact shifts require human-in-the-loop (HITL) authorization.
  • Radical Transparency: Every autonomous action must be explainable and auditable, detailing the rationale and data inputs for regulatory and forensic purposes.
  • Collateral-Aware Logic: Systems must calculate the potential business impact (e.g., service downtime) before executing a defensive maneuver, with built-in “safe rollback” capabilities.

Governance and Accountability

  • Human-Centric Liability: Regardless of the level of autonomy, accountability remains with human stakeholders. Responsibilities must be clearly mapped across model owners and business leaders.
  • Policy-as-Code: Governance should be machine-readable, allowing agentic systems to enforce legal and internal constraints at the same speed as the threats they counter.
  • Cross-Functional Oversight: Alignment between Security, Legal, and Privacy teams is essential to define the boundaries of “acceptable” autonomous behavior.

Privacy and Data Strategy

  • Privacy-Preserving Telemetry: Implementation of data minimization and pseudonymization ensures that detection needs do not compromise privacy obligations.
  • Engineering-Led Privacy: Privacy cannot be a checkbox; it must be baked into the architecture and model training phases to prevent data “scope creep.”

Operationalization Strategy

  • Phased Deployment: Start with “low-hanging fruit,” such as quarantining known malware or blocking confirmed fraud, before scaling to complex decision-making.
  • Continuous Simulation: Use red-teaming and “chaos experiments” to test how autonomous playbooks behave under extreme or unpredictable stress.
  • Legacy Integration: Agentic capabilities should augment—not replace—existing SIEM, EDR, and IAM investments to ensure telemetry continuity.

Technical & Sector Considerations

Technical Design

  • Model Lifecycle Management: Rigorous versioning and drift detection are required to prevent adversarial manipulation of the defense models themselves.
  • Fail-Safe Defaults: When confidence scores are low, systems must default to “Alert Only” modes rather than taking disruptive actions.

Sector-Specific Applications

  • Financial Services: Focus on real-time fraud prevention and identity risk scoring while maintaining high explainability for regulators.
  • Industrial/OT: Priority is placed on Operator-Assist recommendations. Given the risk of physical damage, direct autonomous actuation must be approached with extreme caution.
  • Managed Services (MSSPs): Providers can act as a force multiplier by centralizing model management and threat intelligence for multiple clients.

Practical Recommendations for Leaders

  1. Tier Your Automation: Classify defensive actions by risk level. Automate the “obvious” and assist the “complex.”
  2. Codify Your Rules: Move from written PDFs to machine-executable Policy-as-Code.
  3. Enrich Your Context: Invest in high-quality telemetry (Identity, Asset, and Business process mapping) to improve the “reasoning” of agentic tools.
  4. Monitor the Models: Treat your security AI as a high-value asset; implement drift monitoring and adversarial testing.
  5. Foster Collaboration: Establish a cross-functional forum where Legal and IT define the rules of engagement together.

Conclusion

Agentic cyber defense is no longer a futuristic concept—it is an operational necessity. To successfully transition, organizations must balance the speed of AI with the wisdom of human oversight. By adopting a phased, risk-aware approach grounded in Policy-as-Code and explainable AI, security leaders can build a resilient posture that scales with the threat while remaining firmly under human control.

DTQ serves as a platform dedicated to mapping global industry shifts and providing “information capital” before it reaches the mainstream. in cybersecurity space. Please write us at open-innovator@quotients.com for more information.

Categories
Data Trust Quotients Events

Report: The AI vs. AI Digital Arms Race

/home/u825148967/domains/quotients.com/public_html/wp-content/themes/twentytwenty/template-parts/featured-image.php on line 28
https://quotients.com/dtq/data-trust-quotients/report-the-ai-vs-ai-digital-arms-race/">
Categories
Data Trust Quotients Events

Report: The AI vs. AI Digital Arms Race

March 6, 2026

The global technological landscape has reached a pivotal tipping point where the narrative of Artificial Intelligence has shifted from “assistance” to “autonomy.” We have officially entered an era of a digital arms race—a state where AI systems are simultaneously being engineered to compromise global infrastructure and to defend it.

In a landmark knowledge session organized by DTQ, a panel of elite practitioners from the banking, telecommunications, and aviation sectors convened to dissect this “AI vs. AI” phenomenon. The consensus was clear: the battlefield has moved beyond human reaction times. The security of our future now depends on how we architect the machines that fight on our behalf.

The session brought together three leading practitioners in AI-driven cybersecurity across banking, telecom, and aviation:

  • Dr. Sudin Baraokar – AI and quantum scientist, former Head of Innovation at SBI, architect of the Yono app (100M+ users), and builder of AI-native banking systems.
  • Daxesh Parikh – EVP at DoveLoft Limited, specializing in telecom-based authentication for government, banking, and fintech, working with major Indian banks on next-gen security beyond OTPs.
  • Sabarikumar KB – Group Manager & CSO at Airbus, with frontline SOC experience countering AI-generated attacks and expertise in aviation security architecture.

Moderator: Dr. Akvile, founder of System Akvile and CEO, participant in G20 AI governance discussions, with extensive work on AI in health and youth sectors

The Opening Salvo: From Tools to Combatants

The discussion opened with a provocative observation: technology is advancing at a velocity that has outpaced traditional oversight. Only a few years ago, AI was seen as a helpful tool for automation; today, it has become a primary combatant. Some systems are designed to create problems, while others are built to stop them, turning the digital landscape into a battle where one AI generates threats and another AI counters them—leaving humans as spectators to the unfolding drama.

This drama plays out through a sophisticated cycle: attackers deploy Large Language Models to craft flawless phishing campaigns, generate hyper-realistic deepfakes for social engineering, and automate brute-force hacking that can probe millions of vulnerabilities in seconds. In response, defensive AI is being woven into the fabric of networks, detecting anomalies and neutralizing threats at machine speed

Banking Infrastructure: Resiliency at 24,000 TPS

The primary concern for any digital economy is the stability of its financial heart. Dr. Sudin Baraokar, an AI and Quantum Scientist with a storied career at SBI, IBM, and GE, provided a masterclass on how banking infrastructure is evolving to survive an AI-native world.

The Scale of the Challenge

Dr. Sudin shared staggering benchmarks from his tenure as Head of Innovation at the State Bank of India (SBI). These figures provide the context for why traditional security is no longer sufficient:

  • Transaction Speed: Core banking systems are benchmarked at 24,000 transactions per second (TPS).
  • Daily Volume: Handling approximately 1.5 billion transactions daily.
  • Customer Reach: Protecting the data of 500 million customers across 700 million accounts.
  • The Yono Factor: The Yono digital lending app has now crossed 100 million users, representing a massive surface area for potential attacks.

The Shift to Artificial Superintelligence (ASI)

Dr. Sudin emphasized that the advent of AI and Gen AI allows banks to “talk to their data” in ways previously unimagined. The shift is moving away from static rules and manual libraries toward Security Model Management.

“Previously, we used to have a whole lot of templates and rules, but now it’s all model-driven,” he explained. This allows for a three-level approach to security:

  1. Level 1 (Business Rules & Intent): Establishing the foundational logic of what a transaction should look like.
  2. Level 2 (Reasoning): Using AI to analyze the context and intent behind system behavior.
  3. Level 3 (Decisioning): Enabling the system to take autonomous action to block a threat.

The Human Factor: The Persistent Weakest Link

Moderator Dr. Akvile, Founder and CEO of System Akvile, brought a grounding perspective to the high-tech discussion. Despite the billions of dollars invested in AI shields, she pointed out that the most frequent point of failure is still the human being sitting at the keyboard.

The “Grandmother” Scam and Deepfakes

Dr. Akvile highlighted a growing trend in European banking: the largest investments are no longer just in software, but in human education. She shared anecdotes of “grandmothers” in Germany giving away banking details to AI-generated voices claiming to be their granddaughters.

“Banks are doing a lot to protect from cyberattacks, but the biggest issue is still the person handling the account,” she remarked. Whether it is using “Password123” or sharing sensitive data on fraudulent web pages, human fallibility provides a backdoor that even the most advanced AI struggles to close.

The Value of Information

Working with young people in the health sector, Dr. Akvile expressed concern over the “value of information.” In an age of deepfakes and AI influencers, the public’s ability to distinguish reality from manipulation is eroding. This creates a secondary security risk: the manipulation of public opinion to trigger bank runs or healthcare panics.

The Telecom Backbone: Beyond the OTP

Daxesh Parikh, Executive Vice President at Dovelofts Limited, pivoted the conversation toward the “nervous system” of the digital world: Telecommunications. He argued that data theft is synonymous with “business paralysis.”

The RBI Mandate of 2026

In a significant update for the Indian BFSI sector, Parikh discussed the April 1, 2026, RBI mandate. The regulator is demanding a robust alternative to the One-Time Password (OTP) to prevent fraud and reduce friction.

“Fraudsters can weaponize SS7 and SIP protocols to intercept OTPs,” Parikh warned. The industry is moving toward Predictive Real-Time Authentication using the “crypto engine” already present in every SIM card.

The “Crypto Engine” Solution

By leveraging the unique cryptographic identity held by telecom operators, banks can verify a user’s identity without ever sending a text message. This “silent” authentication is already being used by Barclays Bank in Europe and is expected to become the global standard by 2030.

Frontline Defense: The Struggling SOC

Saba, Group Manager and CSO at Airbus, provided a reality check from the Security Operations Center (SOC). She confirmed that traditional detection tools are “struggling” because they were built to recognize historical patterns.

The Experimentation Advantage

Attackers now have the “experimentation advantage.” Instead of sending one phishing email, they can use AI to generate 100,000 variations, testing each one against common filters until they find a “perfect” version that looks like a genuine internal HR update.

The SOC Shift

To counter this, Saba outlined a necessary evolution for security teams:

  • Behavior Over Signatures: Stop looking for what a file “is” and start looking at what it “does.”
  • Correlation Over Isolated Events: Using AI to connect a harmless-looking login with an unusual data export.
  • Analytical Thinking: Analysts must move from being “tool operators” to “investigators.”

Security by Design in an AI-Native World

The panel agreed that “Security by Design” has fundamentally changed. It is no longer enough to secure the infrastructure (the “car”); you must secure the intelligence (the “driver”).

The Three Pillars of Model Security

Dr. Sudin and Saba identified three critical areas where AI-native systems must be protected:

  1. Training Data Security: Preventing “data poisoning” where an attacker injects malicious data into the AI’s learning set.
  2. Model Behavior: Implementing filters to prevent “prompt injection,” where a user tricks an AI into bypassing its own safety rules.
  3. Lifecycle Monitoring: AI systems “drift” over time. Continuous monitoring is required to ensure the AI doesn’t develop harmful biases or vulnerabilities as it learns from new data.

Compliance: The Floor, Not the Ceiling

A common mistake made by organizations is treating compliance (GDPR, ISO, India’s DPDP) as the goal. Saba argued that compliance is merely the floor—the absolute minimum baseline.

“Compliance moves at the speed of governance, but threats move at the speed of code,” she noted. An organization can be 100% compliant and still be 100% vulnerable. The goal must shift from “being compliant” to “being resilient.”

The 2036 Vision: Agentic and Autonomic Security

Looking toward the next decade, Dr. Sudin outlined a future of Agentic Security. In this world, security fabrics will function like a neural network—automated, autonomic (self-managing), and self-audited.

He compared this transformation to the current $5 trillion investment in AI hardware, such as NVIDIA’s Blackwell chips, which feature 200 billion transistors. “We need to accelerate our journeys across business, data, and technology just as fast as the hardware is accelerating,” he urged.

Conclusion: Fortune Favors the Prepared

The DTQ session concluded with a final round of advice for the next generation of entrepreneurs and leaders:

  • Dr. Sudin: “Don’t depend on particular LLMs. Build your own organizational Small Language Models (SLMs) to own your IP and security.”
  • Daxesh Parikh: “Fortune favors the brave. Take calculated risks, align with AI-routing platforms early, and don’t wait indefinitely for the ‘perfect’ time.”
  • Saba: “Do the basics first. HTTPS, MFA, and API security are the foundations. AI is the roof. You cannot build the roof before the foundation.”
  • Dr. Akvile: “Preserve humanity. As we use more AI, we must ensure we don’t lose our empathy and authenticity.”

Final Takeaways

  1. AI vs. AI is Reality: Organizations must fight automation with intelligence.
  2. The OTP is Dying: Prepare for hardware-based, cryptographic identity.
  3. Model-Driven GRC: Governance must be integrated into the AI’s reasoning layer from Day Zero.
  4. Education is Essential: The human link must be strengthened through constant awareness.

The “AI vs. AI” digital arms race is not a drama we can afford to watch from the sidelines. It is a fundamental shift in the human-machine relationship, and the winners will be those who build their defenses as intelligently as their offenses.

This DTQ Session provided essential insights on the AI vs. AI battleground in cybersecurity. Expert panel: Dr. Sudin Baraokar (AI/Quantum Scientist, former SBI Head of Innovation), Daxesh Parikh (DoveLoft Limited), and Saba (Airbus CSO). Moderated by Dr. Akvile. Write to us at open-innovator@quotients.com for participating and more information about our upcoming sessions.