Artificial Intelligence Is The Future Of Security

Uploaded on 2020-09-29 in TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Developments, FREE TO VIEW

In 2020, the average cost of a data breach is $3.86 million worldwide and $8.64 million in the United States, according to IBM Security and as Artificial Intelligence (AI) and Machine Learning (ML) are increasingly being used across business, they are being tasked with solving some of the largest operational issues with cyber security amongst the highest priorities.  

As IT systems become more complex we must keep reviewing and securing our technology infrastructure with micro services, IoT, and cloud services.

Organisations should use AI to monitor and combat malware and phishing attacks. This can also be used to help security teams and help them to monitor the growing volume of threats.

Malware and Phishing Attacks

Malware and phishing attacks are growing more sophisticated. Malware creators continue to create new versions and they dump the old versions to evade detection. Machine learning can monitor the different versions of malware being used it can focus on the new criminal practices. By identifying these new viruses, or variants of existing ones they can be shut down in real time.

Phishing attacks are similar to finely tuned marketing emails. Perpetrators can mine the web to find out not only your name and email address but also where you work, your interests, and the names of your trusted friends and co-workers. AI enables hackers to build customised individual profiles and then use them to email phishing messages.Hackers are also learning to analyse email responses to see what wording triggers greater click-throughs. 

To combat this, we can set up AI to monitor the network to determine patterns of our employees’ daily activity. Once that baseline has been established, the model can identify when a click on a phishing link is out of the norm and shut down the malicious activity before user credentials can be compromised. It is a very targeted safety wall, constructed around the user, causing minimal disruption to the network and business as a whole.

Joining the Arms Race

The AI community has always been a strong backer of open source. They regularly share source code and data sets to help further the growth of this promising technology. Unfortunately, you can’t put barbed wire around the code repositories to keep the bad guys out.

When you pair these readily available tools with the compute power of the cloud, any hacker has the tools and infrastructure to construct AI-powered attacks to devastating effect.

While our data is limited on how many hacks are fueled by AI, we do know this will be a mandatory skill in the hacker toolkit in the years ahead. With AI tools becoming more powerful every day, and compute time getting cheaper, what hacker wouldn’t want to pump up their attacks on steroids? It truly is an arms race where organisations will be forced to deploy AI security solutions just to keep pace with rogue actors.

Protecting Your AI From Hackers

There is a flip side to this issue: According to Gartner, 37 percent of organisations have implemented artificial intelligence to some degree - an almost fivefold increase from four years ago. AI and ML are quickly becoming critical components of our IT infrastructure. That makes them a target. If hackers can access our AI, they can poison our data to infect our model. They can exploit bugs within our algorithm to produce unintended results. Whether it’s a drone flying a military mission or a workflow that gets products out to your customers, failure can be catastrophic.

AI And Security Personnel

Now we are aware of how robots and AI are poised to take our jobs. But more often than not, AI will complement our jobs, making us more effective in our role. Network security is no different. AI security tools aren’t something you install and forget about. They are machine learning models that must be trained on millions of data points. If the model isn’t producing the desired response, you are more vulnerable than ever since you are operating under a false sense of security.

The work doesn’t stop once the model has been vetted. This new monitoring will likely trap considerably more anomalies than your previous solution. Security professionals will need to sort through these alerts to separate the potential threats from the noise. Without proper diligence, everything becomes noise.

Limitations Of AI 

AI and ML are not magic wands that you can wave to suddenly secure your organisation. Security personnel must work closely with these models to train and hone them, and these professionals are neither cheap nor easy to find. Another challenge is data and cost:

We need to amass enough clean data to build a robust algorithm we can trust. Clean data doesn’t just happen – it must be analyzed and verified for accuracy.

The cost of storing massive amounts of data and purchasing the necessary compute time to run hefty ML algorithms is significant, and implementing an all-encompassing AI security solution may be too costly for some. According to the Harvard Business Review, 40 percent of executives reported that the technology and required expertise of AI initiatives are too expensive.

Traditional anti-virus and firewall solutions can’t keep pace with zero-day threats and the wave of malware variants. AI and ML provide a proactive solution. They can find behavioral patterns from the user community to stop threats before they start. AI can help security professionals digest mountains of data to pinpoint problems.

They can help us keep pace with an AI-powered hacking community intent on doing us harm

AI still has some maturing to do before it becomes the security solution for all businesses, but it’s progressing quickly. It’s difficult to imagine the future of IT security without AI and machine learning at the center of it.

Harvard Business Review:       Towards Data Science:    Enterprisers Project 2019:    Enterprisers Project 2020:  

You Might Also Read:

AI Helps Organisations Resist Cyber Crime:

 

« Social Media Campaigns Designed To Disrupt US Election
Chinese Hackers Spying On US Government Agencies »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer

Freshfields Bruckhaus Deringer is a global law firm with a track record of successfully supporting the world's leading corporations, financial institutions and governments.

CDNetworks

CDNetworks

CDNetworks is a global content delivery network with a fully integrated cloud security solution, offering unparalleled speed, security and reliability for the almost instant delivery of web content.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

Visa

Visa

Visa is a global payments technology company that connects consumers, businesses and banks in more than 200 countries and territories worldwide.

ComCode

ComCode

ComCode provides consulting services and solutions in the area of digitization and cyber security for mid-sized and big businesses.

CyberSift

CyberSift

CyberSift is a cyber security provider. We develop threat detection software which needs no infrastructure changes as it integrates with almost any security tool.

Quadrant Information Security

Quadrant Information Security

Quadrant Information Security is a consulting firm committed to supporting organizations in all vertical markets and protecting their sensitive data.

Jumio

Jumio

Jumio’s end-to-end identity verification and authentication solutions fight fraud, maintain compliance and onboard good customers faster.

Bridewell

Bridewell

Bridewell provide cost effective Security & Risk Assurance Services across Information Security, Cyber Security, Technology Risk, Security Testing and Data Privacy.

FortifyIQ

FortifyIQ

FortifyIQ's mission is to advance maximum security against side-channel attacks across the entire computing spectrum.

NorthStar

NorthStar

NorthStar provide the visibility needed to track and reduce risk through risk-based vulnerability management and vulnerability exploit prediction.

Auriga

Auriga

Auriga create innovative software and have become a benchmark for high quality banking software including cyber security solutions to protect business critical devices.

Catalyst Campus For Technology & Innovation

Catalyst Campus For Technology & Innovation

Catalyst Campus is a collaborative ecosystem to create community, spark innovation and stimulate business growth.

Icon Information Systems (ICONIS)

Icon Information Systems (ICONIS)

ICONIS is an integrated infrastructure and service provider, offering unified Information Technology (IT) solutions globally.

Slide

Slide

Slide is a modern, security-first Business Continuity & Disaster Recovery (BCDR) company built exclusively for Managed Service Providers.