Artificial Intelligence Is Cyber Defence

Uploaded on 2018-03-09 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-News Analysis, FREE TO VIEW, TECHNOLOGY--Developments

Cybersecurity companies estimate that new malware variants are introduced at a daily rate of up to 390,000. With each hour that passes, at least 13,000 new files emerge. Humans simply cannot keep up with them, which is why cybersecurity analysts are turning to artificial intelligence (AI) for help.

Fighting the constantly evolving and morphing threat landscape requires a combination of detection and a single view of threat data, in addition to the traditional methods of signature-based malware detection and blocking.

AI helps spot trends, patterns, and anomalies in data that the naked eye cannot discern to help identify and mitigate new types of malware.

A single view of threat data places all the relevant information in one place to empower the people on the front lines of the battle against cybercriminals, especially as attacks continue to rise.

AI Security Battle

As new malware files constantly burst into the cyber scene, an increase in cyberattacks is all but inevitable. In 2016, 638 million ransomware attacks were recorded, more than 167 times the number of incidents in the previous year.

Threats are getting more frequent, varied, and severe. But it takes only one successful try for hackers to break into a network, while defenders must successfully fend off attacks every time.

That’s no easy feat, considering that big data, social media, and the digitization of business processes create enormous volumes of data that have to be processed to find malware indicators.

Security platforms can handle thousands of events per second, but that still isn’t enough to manage the threat landscape.

On top of that, there aren’t enough experienced cybersecurity professionals to keep up with it all. Colleges have only recently started to weave cybersecurity courses into their computer science curricula. It will take some time before the cybersecurity skills gap is filled—if that ever happens, considering how fast the threat landscape changes.

In any case, cyber-criminals aren’t waiting for new people to enter the cyber-security profession to give them a fair shake.

The answer, therefore, is to train AI models to do the job of security analysts by automating manual tasks that are traditionally performed by security operations centers (SOCs).

Security teams are using behavioral analytics and machine learning capabilities to process millions of events per second and detect the subtlest hints of malware.

Use Machine Learning

The herculean task of spotting patterns and anomalies to identify new types of malware requires sifting through eye-popping volumes of data from multiple sources, including threat intelligence reports, IP addresses, white- and blacklists, and millions of endpoints.

Machine learning is helping to spot previously unknown threats, including some ransomware strains, threats traditional security tools miss because they rely on signatures, or static rules, from known malware to stop potential infections.

Most machine learning technology is supervised, meaning humans are required to continually introduce new data to train the algorithms in use. This helps refine results to keep them relevant. Going forward, the goal is to utilize unsupervised machine learning, whereby the dynamic models perform most of the work on their own.

AI brings a Single Security View

As AI security models evolve, chief information security officers (CISOs) and their staffs need a straightforward way to review data so they can act on it. Just as organisations benefit from a single view of all their data, from internal processes, customers, partners, and supply chains, so do security teams when preparing cyber defenses.

A single view lets security teams access all threat data in one place, including the results produced by machine learning models. Using one dashboard, cyber-security professionals can review, at a granular level, all data samples flagged as potential malware.

This will help them discern good from bad. If something is bad, security teams will be able to determine what makes it so, and build behavioral profiles and tailored responses to protect against the threats.

An aggregate view of threat data allows cyber-security professionals to focus on risks in addition to responding to threats. They can figure out what causes and constitutes risk, and how to make realistic predictions of incremental risk going forward. As such, security professionals are better able to make a case to the C-suite for the necessary security investments.

Without a single view, it’s tougher to make sense of an organisation’s ever-increasing volumes of threat data and spot some of the subtlest threats.

With that in mind, organisations should consider integrating their AI security initiatives with a single view to better protect themselves against an increasingly dangerous threat landscape.

HortonWorks:

You Might Also Read: 

AI Will Underpin Cybersecurity:

AI Cyber Attacks Will Be Almost Impossible For Humans to Stop:

« Cybercriminals Use Fake Websites
Combating The Threat Of Malicious AI »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

RiskLens

RiskLens

RiskLens is a software company that specializes in the quantification of cybersecurity risk.

Picus Security

Picus Security

Huge gaps often exists between the "perceived"​ and "actual"​ IT security level of an organization. Picus Security continuously assesses security controls and reveals deficient ones before hackers do.

Future of Cyber Security Europe

Future of Cyber Security Europe

Future of Cyber Security Europe is a European wide event examining the latest cyber security strategies and technologies.

Logic Supply

Logic Supply

Logic Supply is a global industrial PC company focused on hardware for the IoT edge. We design highly-configurable computers engineered for reliability.

OpenZeppelin

OpenZeppelin

OpenZeppelin builds developer tools and performs security audits for distributed systems that power multimillion-dollar economies.

Kickstart

Kickstart

Kickstart supports your startup in scaling deep technology businesses in Switzerland in areas such as AI, Blockchain and Cybersecurity.

ePLDT

ePLDT

ePLDT delivers best-in-class digital business solutions that include Cloud, Cyber Security, purpose-built Data Center facilities and Managed IT Services.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

Informatics International

Informatics International

Informatics is a leading ICT provider in Sri Lanka, providing cutting-edge software & infrastructure solutions and services including cyber security.

Pentesec

Pentesec

Pentesec is a security specialist offering professional services, managed security services and expertise within an extensive range of security technologies.

PA Consulting

PA Consulting

PA Consulting Group is a consultancy that specialises in strategy, technology and innovation. Our cyber security experts work with you to spot digital and technology security risks and reduce them.

FastNetMon

FastNetMon

FastNetMon is a very high performance DDoS detection and mitigation tool which could detect malicious traffic in your network and immediately block it.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

BLOCX

BLOCX

BLOCX is designed to address the ever-growing challenges of managing and securing digital devices, from personal computers to corporate networks.