AI Helps Organisations Resist Cyber Crime

As hackers continuously devise new techniques, adapting the latest technology innovations including machine learning and artificial intelligence to devise more destructive forms of attack. AI has the potential to become the principal weapon in the battle against cyber crime.

AI can be used in cyber security to help detect and mitigate threats, as well as build resilience into organisational operations. Clear measures must be put in place to ensure the AI for cyber is adding value to a company’s overall cyber security strategy.

Curating threat intelligence from millions of research papers, blogs and news stories, AI provides instant insights to help cut through the noise of thousands of daily alerts drastically reducing response times. AI and machine learning techniques a hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. 

There are clear advantages to using AI to automate certain cyber security tasks. Identification of these patterns can contribute to building predictive models to identify attacks before they occur or to provide decision support while an attack is underway.

Organisations are embracing AI, but at the same time the technology is exposing them to new security threats. Cyber-attacks and threats are considered major disruptors to businesses, nations and consumers alike. Artificial intelligence is seen as a major disruptive force too, but of the positive kind, fueling a new era of hyper connectivity, hyper intelligence and hyper performance. 

An increasingly complex business environment is leading organisations to embrace forms of artificial intelligence such as machine learning and facial recognition technology, while using data to build more intimate relationships with consumers.  However. many of these powerful innovations serve to increase thee ‘attack surfaces’ of an organisation, multiplying the level of vulnerability to cyber crime.

Cyber criminals are starting to use AI using to help drive attacks, employing the technology to uncover unsecured points of entry in enterprise networks. 

There are documented cases of criminals using deep fake technology to imitate the voice of company CEOs, leading to the Israel National Cyber Directorate warning against phishing attacks that are being used to demand access to secure networks, or ever money transfers.  In response to these growing threats, China passed a law that makes it a criminal offence to publish deep fakes or fake news without disclosure, while California criminalised the use of the technology in political advertising.
The question organisations are facing as they increasingly rely on AI in their business operations, is can the opportunities offered by AI be leveraged in cyber security to help better prepare, detect and respond to cyber threats or will it further propagate them?

AI For Cyber Security

In October 2019, the World Economic Forum ranked cyber attacks among the top ten global risks of highest concern, tipped to cost business an estimated -US90 trillion over a ten-year-period.  In fact, according to PwC’s 2019 Digital Trust Insights Survey of 3,500 global organisations, 47 percent said they had experienced operational downtime due to a cyber incident between 2017 and 2019.

Companies need to improve the speed at which they detect cyber threats because hackers are now employing AI to discover points of entry in enterprise networks. Deploying AI software to guard against AI-augmented hacking attempts has therefore become a necessary part of cyber security defense protocols. For instance, AI, when used with cyber security, can accelerate processes such as phishing detection via image recognition and automated tracking. Techniques such as natural language processing, data collection and automation can help organisations classify data more effectively, creating better safeguards against future data leaks. 

Platforms that use machine learning can help companies detect suspicious changes in behaviour and draw on the power of ‘deep learning’ to fend off predicted cyber-attacks.

The growing relationship between AI and cyber security has given rise to platforms and technologies that are leveraging big data, AI and automation to make accurate decisions in cyberspace as well as help scale the cyber operations at a much faster rate than is possible with manual human analysis. But how can organisations use AI to become more resilient to cyber crime and anticipate and respond to changes in the threat landscape over time? 

Here are three strategies for putting AI as a core component of your cyber security strategy, and set the stage for secure growth.

1.Identify the cyber security areas where AI can be applied (and will be most effective) it’s critical to consider where AI will bring the most value from a cyber security perspective. Examples include using AI to automate security operations and enable human-like decision making, ensuring that the vulnerabilities in your environment are classified and rated appropriately for remediation, implementing machine learning algorithms to look for anomalous user behaviour or using natural language processing to classify sensitive data in order to better protect it from future threats.

The power of AI for cyber is about automating manual processes or detecting potential attacks before they happen. But moreover, it’s also about the ability for AI to adapt its detection mechanisms to better understand and respond to the changing threat landscape as cyber criminals become more sophisticated.

2. Invest in developing AI-driven cyber security models to augment current cyber capabilities. Organisations are becoming increasingly wise to the ways in which AI is revolutionising cyber security. According to the PWC Digital Trust Insights survey, 41 percent say that their cyber security team uses automation and emerging technologies for threat intelligence, defence and recovery. AI driven cyber security models can run alongside existing automation engines to help take decisions that need intelligence and sophisticated interpretation capabilities.

3. Measure the ways in which AI is adding value to cyber security capabilities. An AI-driven cyber strategy should promote a proactive approach in anticipating and responding to the threat landscape, while fostering data-driven intelligence that grows and evolves at scale. Organisations need protocols in place to measure the ways in which AI and cyber security are working together and govern cyber security strategies. AI is proving the power of technology to augment human decision making and build trust, and in the process, re-imagining cybersecurity in the process. 

Ultimately, an AI-enabled cyber security will lay the foundation for a smarter organisation that holds resilience and intelligence at its heart. AI programs can sift through petabytes of data, identifying anomalies and even helping an organisation recognise and diagnose intrusions before they turn into catastrophic attacks. 

AI can also be used to continually monitor and allocate levels of access to a network’s multitude of legitimate users, whether employees, customers, partners or suppliers, to ensure that all parties have the access they need, but only the access they need.

IBM:       PWC:      Computer Weekly:      Security Informed

You Might Also Read:

Advanced AI For Cyber Operations:

 

« Cyber Security Industry Growth Rate Will Reduce
VPNs – Training and Access – both now available on CYRIN »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Linklaters LLP

Linklaters LLP

Linklaters is an international law firm. Practice areas include Information Management and Data Protection.

Research Institute in Trustworthy Industrial Control Systems (RITICS)

Research Institute in Trustworthy Industrial Control Systems (RITICS)

RITICS is one of three Research Institutes formed as part of the UK National Cyber Security Strategy.

AXA XL

AXA XL

AXA XL is the P&C and Specialty Risk Division of AXA. Professional insurance products include Cyber Insurance.

Altipeak Security

Altipeak Security

Altipeak Security provide Safewalk - a flexible and robust authentication platform through which we offer improved security to SMBs, corporates, banks, insurance companies, healthcare and more.

Aristi Labs

Aristi Labs

Aristi Labs provides comprehensive security solutions to help businesses protect data and intellectual property, minimizing downtime and maximizing productivity.

Australian Cyber Collaboration Centre (Aus3C)

Australian Cyber Collaboration Centre (Aus3C)

The Australian Cyber Collaboration Centre (Aus3C) is committed to building cyber capacity and securing Australia's digital landscape.

Enzoic

Enzoic

Enzoic is an enterprise-focused cybersecurity company committed to preventing account takeover and fraud through compromised credential detection.

Pelta Cyber Security

Pelta Cyber Security

Pelta Cyber Security is the cyber security consulting and solutions division of Softworld Inc. We provide staffing and recruitment services as well as consulting and solutions for outsourced projects.

1Password

1Password

1Password combines industry-leading security with award-winning design to bring private, secure, and user-friendly password management to everyone.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Seigur

Seigur

Seigur is an IT consultancy business providing flexible legal and cyber security services for IT and data privacy programmes.

Vaultree

Vaultree

We believe in an encrypted tomorrow. Vaultree technology enables a foundational change in how we communicate with each other: Safely!

GuardYoo

GuardYoo

GuardYoo's SaaS platform allows cybersecurity professionals to perform Compromise Assessment remotely from anywhere in the world.

Exiger

Exiger

Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers.

Standard Notes

Standard Notes

Standard Notes is a secure digital notes app that protects your notes and files with audited, industry-leading end-to-end encryption.