People Are Saying Machine Learning Will Reduce Cyber-Crime

Uploaded on 2016-12-15 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Developments

Cybersecurity Ventures predicts global annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion annually by 2021, which includes damage and destruction of data, stolen money, lost productivity and theft of intellectual property, personal and financial data, embezzlement and fraud.

That doesn’t even include post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data, systems and reputational harm.

While traditional security filters like firewalls and reputation lists are good practice, they are no longer enough. Hackers increasingly bypasses perimeter security, enabling cyber thieves to pose as authorized users with access to corporate networks for unlimited periods of time.

Organisational threats manifest themselves through changing and complex signals that are difficult to detect with traditional signature-based and rule-based monitoring solutions. These threats include external attacks that evade perimeter defenses and internal attacks by malicious insiders or negligent employees.

Along with insufficient threat detection, traditional tools can contribute to “alert fatigue” by excessively warning about activities that may not be indicative of a real security incident. This requires skilled security analysts to identify and investigate these alerts when there is already a shortage of these skilled professionals.

CIOs and CISOs need to pick up where those traditional security tools end and realize that it’s the data that is ultimately at risk. Cloud deployed security shields need to be placed where the data resides as opposed to monitoring data traveling across the network.

The safeguarding of the data is at the heart of security strategies, more critical than protecting the network or the perimeter. CIOs need to pick up where those traditional security tools end and investigate AI cyber-security digital safety nets. IDC forecasts global spending on cognitive systems will reach nearly $31.3 billion in 2019.

Some cyber-security sleuths deploy a variety of traps, including identifying an offensive file with a threat intelligence platform using signature-based detection and blacklists that scans a computer for known offenders. This identifies whether those types of files exist in the system which are driven by human decisions.

However, millions of files need to be uploaded to cloud-based threat-intelligent platforms, scanning a computer for all of them would slow the machine down to a crawl or make it inoperable. But the threats develop so fast that those techniques don’t keep up with the bad guys and also; why wait until you are hacked?

The Mix of Forensics and Machine Learning

Instead of signature and reputation-based detection methods, smart CSOs and CISOs are moving from post-incident to pre-incident threat intelligence. They are looking at artificial intelligence innovations that use machine learning algorithms to drive superior forensics results.

In the past, humans had to look at large sets of data to try to distinguish the good characteristics from the bad ones. With machine learning, the computer is trained to find those differences, but much faster with multi-dimensional signatures that detect problems and examine patterns to identify anomalies that trigger a mitigation response.

The Good, the Bad and the Ugly

Machine learning generally works in two ways: supervised and unsupervised. With supervised learning, humans tell the machines which behaviors are good, bad and ugly, and the machines figure out the commonalities to develop multi-dimensional signatures. With unsupervised learning, the machines develop the algorithms without having the data labeled, so they analyse the clusters to figure out what’s normal and what’s an anomaly.

The obvious approach is to implement an unsupervised, machine learning protective shield that delivers a defense layer to fortify IT security. A self-learning system with the flexibility of being able to cast a rapidly scalable safety net across an organisation’s information ecosystem, distributed or centralized, local or global, cloud or on-premise. Whether data resides in a large health system or is the ERP system of a large energy company or a financial institution, rogue users are identified instantly.

By applying machine learning techniques across a diverse set of data sources, systems become increasingly intelligent by absorbing more and more relevant data. These systems can then help optimise the efficiency of security personnel, enabling organisations to more effectively identify threats. With multiple machine learning modules to scrutinise security data, organisations can identify and connect otherwise unnoticeable, subtle security signals.

Security analysts of all experience levels can also be empowered with machine learning through pre-analysed context for investigations, making it easier for them to discover threats. This enables CISOs to proactively combat sophisticated attacks by accelerating detection efforts, reducing the time for investigation and response.

The Digital Eye Sees All

Once a machine learning system is in place, organisations need to identify solutions that employ behavioral analytics which will baseline normal behaviors and identify irregularities. While the technology is advanced, the concept is simple. A pattern of user behavior is established and stored in the system.

To adequately address the threat, CISO’s should consider using solutions which are ambient to completely surround an intrusion while harnessing the power of the machine learned system’s cognitive nature. This combination creates an evolving “virtual intelligent eye” defense shield that provides real-time behavior analysis and anomalous user access monitoring.

This type of solution provides an eye that learns, understands, recognises and remembers normal user habits and behavior as they use applications in their daily work. The eye generates a digital “fingerprint” based on behavior for every single login, by every user, in every single application and database across the organisation.

If your organisation deploys this type of comprehensive cybersecurity system, a gloomy doomsday scenario offered up by many cyber-security ventures will no longer be a concern.

Information-Management:          IBM Watson Fights Real-Time Cyber Crime:

 

« Surprise: N Korea Hacked S Korea Cyber Command
Russia Has Foiled Cyberattacks By A Foreign Spy Agency »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

Telecom Information Sharing and Analysis Center Japan (T-ISAC Japan)

T-ISAC Japan coordinates information sharing and activities related to ISP/telecommunications network security in Japan.

Nation-E

Nation-E

Nation-E offers innovative cyber security solutions for industrial installations, critical infrastructure and smart grids.

Nexthink

Nexthink

Using our solution, hundreds of IT departments effectively balance offering a productive and enjoyable end-user experience with making the right decisions to secure and transform the digital workplace

RCDevs

RCDevs

RCDevs is an award-winning Software company providing security solutions designed for modern enterprise technologies and suited for SMEs to large corporations.

DAkkS

DAkkS

DAkkS is the national accreditation body for Germany. The directory of members provides details of organisations offering certification services for ISO 27001.

Emirates International Accreditation Center (EIAC)

Emirates International Accreditation Center (EIAC)

EIACI is the national accreditation body for the United Arab Emirates. The directory of members provides details of organisations offering certification services for ISO 27001.

Venrock

Venrock

Venrock helps entrepreneurs build some of the world's most disruptive, successful companies. We invest in technology: Security, Cloud Services, Big Data, Healthcare IT, AdTech.

In-Sec-M

In-Sec-M

In-Sec-M is a non-profit organization that brings together companies, learning and research institutions, and government actors to increase competitiveness of the Canadian cybersecurity industry.

Business Hive Vilnius (BHV)

Business Hive Vilnius (BHV)

BHV is one of the oldest startup incubator and technology hubs in the Baltics, primarily focused on hardware, security, blockchain, AI, fintech and enterprise software.

HancomWITH

HancomWITH

Hancomwith is an information security company. We provide optimized blockchain solutions in areas including next-generation authentication, security and digital asset transaction.

Secura B.V.

Secura B.V.

Secura is an independent specialized cybersecurity expert, providing insights to protect valuable assets and data.

BaaSid

BaaSid

BaaSid is next generation security technology for data security & security authentication based on De-centralized & Blockchain.

CNF Technologies

CNF Technologies

CNF Technologies is an award-winning cyber company providing technology-focused research and development to commercial, federal, and Department of Defense clients.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.

SUCCESS Computer Consulting

SUCCESS Computer Consulting

SUCCESS Computer Consulting is a leader in managed IT and security services for small and medium-sized businesses in Minneapolis, St. Paul, and the surrounding Twin Cities Metro area.