Even if humans could keep up with the increasing number of threats, and the rapidity with which they happen, there’s a shortage of people with the necessary skills. ISACA, an international professional association focused on IT governance, predicts that the lack of qualified talent will lead to a global shortage of two million cybersecurity professionals by 2019. This poses a huge problem. The truth is that there is a shortage of talent to effectively maintain cyber security.
Additionally, security controls are also problematic. Too many companies deploy standalone security products, and then struggle to manage the integration of all the different systems. Too much effort is placed on managing multiple security products, rather than on proactively defending the organisation against the next attack. This problem is heightened because traditional antivirus tools are no longer robust against rapidly changing and sophisticated malware.
One solution is to employ a third party to safeguard our assets as well as insurance, which will cover at least some of the damage from a major breach. But, these are short-term solutions. To stay ahead, some companies are now leveraging the power of artificial intelligence (AI) as a driving force to combat online attacks.
Companies must be proactive against Cybercrime
Cybercrime has been easier to perpetrate than to fight, until now. There is growing market to build intelligence platforms that can help organisations better manage and understand their own data. Companies already have volumes of information about what’s happening inside their systems. Cyber firms aim to use AI to unlock valuable hidden insights by making it faster and easier to analyse data, and to look for behavioural patterns from many sources and over time. This provides security teams with greater insights into areas of likely vulnerability, which gives them time to protect themselves.
Experts reckon that AI offers better insights and control of organisational data, systems and processes. The ultimate goal is to use AI-based security to find and stop cyber attacks before they happen; and if, once they have inevitably happened, to mitigate the eventual risks within seconds, not minutes, hours or days.
Enterprises go digital to leverage advantages from faster time-to-market, automation efficiencies and execution speed. Similarly, cybercriminals see increasing digitisation as a window of opportunity. Cybercrime syndicates actively target digital ecosystems including cloud infrastructure, software-as-a-service offerings and internet of things devices. As a result, enterprises are faced with the challenge of maximising business opportunity while balancing the risk of cyber exposure.
How Cybercrime could cripple Organisations
As Cybercrime becomes ever more innovative, with new threats for which legacy security technologies are inadequate, cybersecurity needs to be reimagined. Cybercriminals have become adroit in strategically targeting of enterprises using a relevant context. A target favored by attackers is the cloud console of an organisation, used to store and process data. Cybercrime syndicates are using this in order to force cloud-first companies to pay a ransom.
Using “deep penetration”, they position themselves in the victims’ systems, moving laterally within the organisation, waiting for the optimal moments to attack, and effect the greatest gain and destruction of assets. Today’s cybercriminals are often paid well enough to spend months, to plan, prepare and execute attacks.
Scaling Cyber Defence to meet challenges
Enterprises have scaled their degree of digital operations as data has grown exponentially. However, scaling security with conventional approaches has been a challenge for many. Conventional security systems use signatures and intelligence to detect existing threats. This provides some capability to manage incidents by pairing them with known problems. However, new and innovative attacks create blind spots for these systems. Relying on conventional security technology or human expertise alone to handle this new situation will not be effective. What is required is a fresh approach, to deploy and scale AI to counter cybercrime.
What AI brings to the Cyber landscape
Recent developments in AI have led to smarter autonomous security systems using machine learning. With the right AI technology, computers can now keep up with big data that the cyber space produce. AI algorithms are very good at identifying outliers from normal patterns. Instead of looking for matches with specific signatures, a tactic that new age attacks have rendered useless, AI blends with cyber by first making a baseline of what is normal. From there, it deep dives into abnormal events can be made to detect attacks. This type of detection usually falls into the area of unsupervised learning algorithms. The other approach in AI is to use supervised algorithms to detect threats they have been trained on such as advanced malware that has mutated from an older one.
As Cybercrime is poised to become a $2 trillion problem by 2020, the cyber security industry is evolving rapidly and continuously to counter threats from criminals. Recently, a number of AI-based cyber security companies emerge: Darktrace is one the global leaders. Alphabet, Google’s parent company has come up with its own version of AI technology in Chronicle. AI for cyber defence is a game changer, as it offers resilience in the face of a rapidly evolving threat landscape.
Existential challenges to explore
As cyber criminality becomes more “professional” by using its own automated tools, the challenge is to ascertain whether AI technology can really transform cyber defence. The concept of machine vs machine is edging ever closer. Other strategies will be required to mitigate ways in which the machine-learning algorithms could create a false sense of security. As an example, products based on “supervised learning” could be exposed to hackers who get access to a security firm’s systems to corrupt data by switching labels so that some malware examples are tagged as clean code. Alternatively, they could work out the features of code that a model is using to flag malware and then remove these from their own malicious code so the algorithm doesn’t catch it.
Despite these potential challenges, companies are now locked into a serious cybersecurity war – “White Hats” vs “Black Hats”. A recent report from ABI Research estimates that cybersecurity AI will enormously bolster spending in big data, intelligence and analytics, reaching $96 billion by 2021, as the industry explodes.