Subscribe
About

Digital twin – the next frontier in AI-enabled cyber threat exposure management

Nithen Naidoo, founder and CEO of Snode Technologies.
Nithen Naidoo, founder and CEO of Snode Technologies.

The popularisation of LLMs, or large language models, as the first point of entry for consumers into the world of generative AI capabilities has many professionals wondering: where else can this technology make an impact for my industry?

The complexities of cyber security make it a natural choice for industry-wide application. That’s why we’re seeing a rise in news articles speaking to the proliferation of AI-based cyber attack strategies – and application of AI to parallel streams in cyber defence.

Snode, an award-winning SA-based cyber security firm, cut its teeth on this trend seven years ago. Guardian, Snode’s cyber defence platform, uses artificial intelligence and machine learning to detect patterns in a client’s network that signal possible real-time or imminent threats. Though, according to Snode's CEO, Nithen Naidoo, this model is already outdated.

“Don’t get me wrong. There’s a lot to be excited about in the field of AI right now. It’s just that the application of AI to threat detection is only a small, now foundational, aspect of the AI landscape in cyber security. It’s almost a basic requirement from cyber defence firms. The application of AI-enabled digital twin technology, however, is emerging as a field with vast untapped promise,” says Naidoo.

And the proof is in the implementation. While the digital twin technology at Snode entered its Beta testing phase in 2024, starting with a presentation to three clients, the technology is now live to all Snode customers. But why does technology make such a difference?

Take the insider threat, for example: your database administrator potentially defrauding the organisation while colluding with an external criminal network. Traditional signature-based detection, while it has its place, would not be the control through which this threat is discovered. A digital twin, however, will allow you to create this low-cost, high-fidelity model of your real-time environment, running multiple simulations of events happening in your world as new techniques or intelligence arises, including the most nascent trends. A simple news article or threat report on this activity can correlate the behavioural patterns and foresee the potential for this risk to be realised in your own organisation.

These capabilities empower cyber security analysts by integrating vulnerability, asset and threat intelligence into a single model view. This allows the analyst to unpack motive and predict where an adversary is most likely to attack you. This is achieved using a simulation run on a digital twin of your environment to determine the exact risks and high probability points of compromise. Through the identification of the attacker's kill-chain, through high-fidelity simulation, you can prioritise your efforts and foresee business impact in a situation where time is crucial and each decision could have detrimental consequences.

In this scenario, the AI sifts through data at internet scale and helps you get to the most optimal outcome for your situation. Additional applications of the digital twin technology include remediation and deception activities. However, Snode is constantly scanning for other ways to apply this innovation for best use. This includes disaster recovery simulation and more.

Naidoo adds: “Our learnings from this step change in AI application have come from experience. Experience won at through engagement and implementation gleaned from our own experiments because we took action early. It’s one of the benefits of working with an agile team like Snode. Our 60-person team protects devices across six continents and defends critical national infrastructure. This is made possible by our leveraging of the best in technology – and I can’t wait to share this journey with you at the ITWeb Security Summit this year.”

Snode Technologies will be the exclusive sponsor of the Broadcast Booth at ITWeb Security Summit 2025, in Johannesburg, as well as sponsor of the first prize for the hackathon, and will have a stand at the Cape Town Summit. Naidoo will also present a talk at the event on the subject and learnings from Snode’s application of digital twin technologies in a customer's cyber security environment.

ITWeb Security Summit 2025 will be staged at the Cape Town International Convention Centre on 27-28 May and at the Sandton Convention Centre in Johannesburg from 3-5 June. For information and to register, visit https://www.itweb.co.za/event/itweb-security-summit-cpt-2025/.

https://www.itweb.co.za/event/itweb-security-summit-2025/

Share