Machine Learning Transforms Threat Detection

Uploaded on 2020-07-28 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY--Developments

Organisations and business are being swamped by billions of attempted cyber hacks on a daily basis, which is overwhelming human analysis, however, Machine Learning (ML) is now tipping the advantage toward defenders as it can significantly improve cyber threat detection and prevent threats. ML can manage many information sources and super-correlate information in the millions, billions and trillions daily.

ML comprehends threats in real time, understands the infrastructure of a company and its network design and attack vectors, and protects and defends with human talent and machine power. The algorithm is capable of massive amounts of data mining and these machines don’t stop whereas humans need breaks and sleep.

Improved Detection

An algorithm can learn from its mistakes on the fly. This allows it to always be on its A game. It's always the best version of itself because it's always improving its game. A good ML discipline is one that can "see" patterns of behavior, guessing the form of an attack and how to fight back. The algorithm can be trained with different types of attacks, can learn the methods to gain privileged access and lateral movements, and can even adapt in real time to a situation. An excellent ML approach can learn from false positives.

False positives will always exist, but they're reduced with each interaction with an algorithm because the machine is continuously learning. After implementing an ML system, false positives can be reduced by 50% to 90%.

While ML decreases false positives, it can increase the speed at which threats are detected. That can dramatically shrink the window of compromise for a system. ML detect threats quickly known and unknown threats with unsupervised and reinforced learning. That's why in the chess game between adversary and defender, once an attacker makes a move, all the outcomes from that move can be determined through ML and flagged or blocked.

Cyber Criminals Can Use ML Too

Cyber criminals realise that they can use ML to automate their attacks and eliminate most human intervention. They can write an algorithm, train it with a pattern of attack, and, while the machine is running its sorties, can kick back with a martini by the pool.

That's why defenders need to use ML at every attack vector, at the gateways, at the endpoints, in the cloud, because if there's a gap in a system's defenses, an adversary's ML algorithm will find it. The new cyber-criminal isn't some kid in a dark basement with a computer. It's often a criminal group that's using ML to launch large-scale attacks on thousands of companies at the click of a virtual button.

The Human Factor

Skilled human analysts are sill needed to confirm some actions, make final decisions, and identify exceptions. But with over a million cybersecurity jobs vacancies worldwide, there aren't enough analysts to go around. The large majority of tasks security analysts are being saddled with now is triage work, sorting through threats to find those that need further scrutiny. Fortunately, that kind of work can be done with ML in an effective and efficient way, freeing up analysts' time to address serious threats.

The COVID-19 pandemic has accelerated this shift from off-line processes towards on-line across organisational functions, whether they are corporate, government, or non-profit organisations. Consequently, enterprises have witnessed a significant growth in data and information generated during this pandemic period.

Organisations, particularly in the financial services sector, are investing significantly in Blockchain technology to prepare for the future. Blockchain could become one of the game-changers for the entire world.

The implementation of Artificial Intelligence (AI) and Machine Learning (ML) systems may serve as a solution, bringing with them many benefits in helping to prepare the cyber-security workforce of tomorrow. Currently, the technology’s ability is simple, yet is still of great benefit, in that human staff are freed up to focus on more complex threats, with the AI/ML shield in place to deal with the high volume of more low-level attacks.

Splunk:        TechBeacon:       Enterprise Talk:         Enterprise Talk:      Forrester:      

You Might Also Read: 

AI, Machine Learning & Deep Learning… Whats The Difference?:  

 

« Critical Infrastructure And Cyber Security
Cyber Crime Cost UK Businesses £87billion »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cato Networks

Cato Networks

Cato connects your branch locations, physical and cloud datacenters, and mobile users into a secure and optimized global network in the cloud.

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU Center for Cyber & Information Security (NTNU CCIS)

NTNU CCIS is a national centre for research, education, testing, training and competence development within the area of cyber and information security.

Sabasai

Sabasai

Sabasai specialises in all aspects of insider threat management from training and education to building security frameworks and insider threat programs to on-site risk & vulnerability assessments.

Sistem Integra (SISB)

Sistem Integra (SISB)

SISB provide IT Security Infrastructure & Development, Mechanical & Electrical Services, Fire Safety & Detection Services, Facilities Management & Application Development.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

Advens

Advens

Advens is a company specializing in information security management. We provide Consultancy, Security Audits and Technology Solutions.

Caulis

Caulis

Caulis FraudAlert is a cyber security solution. It can detect fraud and identity theft based on users’ online behaviour.

Zighra

Zighra

Zighra is a leading provider of On-Device AI solutions for continuous authentication and fraud detection on mobile and web applications.

SlowMist

SlowMist

SlowMist is a blockchain ecosystem security company providing cybersecurity audits and protection for leading digital asset exchanges, crypto wallets, public chains, and smart contracts.

CryptoSec.info

CryptoSec.info

CryptoSec.info is a web resource focused on educating the beginners in the cryptocurrency space on how to properly secure their online assets from hackers and scammers.

Global Cybersecurity Association (GCA)

Global Cybersecurity Association (GCA)

GCA’s Symposium and conferences featuring global thought leaders and CISOs provide a global best practice perspective on cybersecurity.

Quantum Security Services

Quantum Security Services

Quantum Security Services is a specialist information security firm providing a range of risk, compliance and technical security services.

Datapac

Datapac

Datapac is one of Ireland’s largest and most successful ICT solutions and services providers. We have been at the forefront of technology innovation in Ireland for the past three decades.

FutureRange

FutureRange

Specialising in IT Managed Services, Cybersecurity and Digital Transformation, FutureRange experts provide professional IT services for clients throughout Ireland and beyond.

WillJam Ventures

WillJam Ventures

WillJam Ventures are a private equity firm focused on investing in world-class cybersecurity companies that will become the next generation of leaders in protecting the world’s digital assets.

Cyber Defense International (CDI)

Cyber Defense International (CDI)

At CDI, we utilize decades of experience in designing and building large-scale cybersecurity programs, creating tailored solutions and services that protect businesses from cyber threats.