Trends In Cyber Security Technology

Uploaded on 2020-02-21 in TECHNOLOGY--Developments, FREE TO VIEW

IT security teams today struggle to make sense of the enormous amounts of data modern IT infrastructures generate and consume, while simultaneously prioritising and responding to alerts. This enormous responsibility is one of the reasons why detection and remediation times are so poor. In fact, a malicious attack has an average lifecycle of 314 days from breach to containment, according to the "2019 Cost of a Data Breach Report" by IBM.
 
Data breaches can cause devastating financial losses and affect an organisation’s reputation for years. From lost business to regulatory fines and remediation costs, data breaches have far reaching consequences.
 
The loss of customer trust has serious financial consequences, and lost business is the largest of four major cost categories contributing to the total cost of a data breach. The average cost of lost business for organizations in the 2019 study was $1.42 million, which represents 36 percent of the total average cost of $3.92 million.The Report, conducted by the Ponemon Institute and sponsored by IBM Security, analyses data breach costs reported by 507 organisations across 16 geographies and 17 industries. The study found that breaches caused abnormal customer turnover of 3.9 percent in 2019.
 
Whereas organisations that lost less than one percent of their customers due to a data breach experienced an average total cost of $2.8 million, organisations with customer turnover of 4 percent or more averaged a total cost of $5.7 million, 45 percent greater than the average total cost of a data breach. 
 
Manual and semi-automated checks and interventions cannot keep up with a constantly evolving threat landscape. And, with the average cost of a data breach estimated at $150 per record lost, according to the IBM study,there is a strong case for automating many security tasks. Though Artificial Intelligence (AI) and Machine Learning (ML) have been used in security products for some time, they are becoming increasingly important in modern incident response and security. 
 
The study found that organisations without security automation experienced breach costs that were 95% higher than those with fully deployed automation.
 
Automation is critical for zero-day threat detection in particular as it can bring cyberattack response times down to milliseconds. Contrast this with human response times, which may take hours, days or even months. Critically, AI also helps security teams make more informed decisions. 
 
In a Capgemini Research Institute study, 69% of senior executive respondents said they would be unable to respond to a cyberattack without AI. The same study found two-thirds of organisations plan to employ AI in 2020. Interestingly, many organisations categorised AI as a means of increasing revenues or reducing costs. This cybersecurity automation trend includes notable large companies, such as Amazon, Microsoft and Google, which are each incorporating AI into their internet-based services.
 
Automating Identity and Access Management
As more organisations implement zero trust security frameworks, identity and access management (IAM) will become more important than ever. Considering the new security perimeter, cybersecurity automation trends will likely include further advances in the use of AI to improve the effectiveness of IAM.  Strong and effective passwords are impractical for everyday use. This often positions weak passwords as the only security measure that stands between a user's data and a cybercriminal.
 
Cybersecurity automation trends will include the increased accuracy of biometric authentication. This technology will provide constant authentication by monitoring and analysing user activities, such as typing and mouse movements. AI and machine learning in cybersecurity will also determine if an account is currently compromised or under threat of compromise.
 
Another growing trend is the combination of supervised algorithms and unsupervised learning. This method proves effective in identifying anomalous behavior and triggering reduced or restricted access. It's important to understand the differences between the two types:
 
  • Supervised algorithms extract and learn from patterns in existing data to find relationships not discernible with traditional rule-based approaches. Identifying relationships enables the evaluation and risk scoring of new files that the algorithm has not encountered before, such as zero-day threats.
  • Unsupervised learning finds anomalies, interrelationships and links between unlabeled data sets or emerging factors and variables in order to extract hidden patterns. This can lead to threat predictions -- an almost impossible job for human analysts.
AI and machine learning in cybersecurity will play an even larger role in protecting the customer experience, from account creation and login to service interaction. They will continue to improve the process of assigning risk scores to login attempts. They will also adapt responses to the nature and context of suspicious events, as opposed to locking out a user or terminating a session. Applications overall will be more efficient at recognising genuine user and system activities, while containing and mitigating real threats.
 
AI, Machine Learning and the Edge
In the same way that edge computing has moved compute, storage and network connectivity resources closer to remote devices, AI and machine learning models will be placed on endpoints themselves. These models will feature collaborative information-sharing capabilities that enable dramatically faster identification and termination of threats in real time. For future AI and machine learning cybersecurity technology to be successful, the quality of diverse data sets that the products work with will need to be improved. Semantically enriched data provides more options for meaningful extraction and enables algorithms to produce more precise predictions.
 
AI and machine learning can be used for good and bad. Cybercriminals already harness the power of AI to analyse network defenses and simulate behavioral patterns to bypass security controls. 
 
One significant threat to AI technology is training data poisoning, when bad actors access training data and feed it incorrect data, resulting in faulty decisions. According to Gartner, 30% of all AI cyberattacks will use training data poisoning, AI model theft or adversarial samples to attack AI-powered systems. Fortunately, AI and machine learning enable organisations to protect their users' accounts with more than just a password. For this reason, AI- and machine learning-powered systems look poised to be a central aspect of future IT infrastructure investments. 
 
Even with AI and machine learning capabilities to automate security operations and increase detection rates, organisations still need human teams to be able to understand the scope, severity and veracity of threats found and to prepare an effective response.
 
To embed cybersecurity into the fabric of the organisation and be effective against any insider threats, organisations must bring together human resources, learning and development, legal and IT teams to work closely with the security office and business units. 
 
For more information on employee cyber security training and cyber audits please contact Cyber Security Intelligence.  
 
IBM Security:      Accenture:        TechTarget:         Security Intelligence:         
 
You Might Also Read:
 
The Human Effect On AI Security:
 
 
 
 
« Charming Kittens: Phishing Emails From Iran
Cyber Security Salaries Rise As IT Breaches Increase »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Chatham House Cyber Conference

Chatham House Cyber Conference

14 June 2023 - Connect with cyber security experts and senior policymakers to explore the role of cyber security in the global economy and how to deliver an open and secure internet.

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

WEBINAR: How To Build And Implement An Effective Endpoint Detection And Response Strategy

Join this webinar to learn how the cloud threat landscape is evolving and organizations are deploying more advanced and capable security controls at scale.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Zenith Infotech

Zenith Infotech

Zenith Infotech provide IT consulting and turnkey solution development services including aspects of security.

Reblaze Technologies

Reblaze Technologies

Reblaze provides the world’s best security technologies in a cloud-based website security platform.

Wallix

Wallix

Wallix is a software company offering privileged access management solutions for enterprises, public organizations and cloud service providers

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

AppViewX

AppViewX

AppViewX is a global leader in the management, automation and orchestration of network services in data centers.

Romanian Association for Electronic Industry & Software (ARIES)

Romanian Association for Electronic Industry & Software (ARIES)

ARIES is the Romanian Association for Electronic Industry and Software, the biggest and most influental organization created for the IT&C industry in Romania.

ITU Arab Regional Cyber Security Center (ITU-ARCC)

ITU Arab Regional Cyber Security Center (ITU-ARCC)

ITU-ARCC acts as ITU’s cybersecurity hub in the Arab Region localizing and coordinating cybersecurity initiatives.

Dracoon

Dracoon

DRACOON is market leader in the German-speaking region for secure enterprise file sharing.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

ISMS Accreditation Center (ISMS-AC)

ISMS Accreditation Center (ISMS-AC)

ISMS-AC is the national accreditation body for Japan. The directory of members provides details of organisations offering certification services for ISO 27001.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

guardDog.ai

guardDog.ai

guardDog.ai has developed a cloud-based software service with a companion device that work together to simplify network security.

Wazuh

Wazuh

Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.

Vanta

Vanta

Vanta helps companies scale security practices and automate compliance for the industry’s most sought after standards - SOC 2, ISO 27001, HIPAA, GDPR, and other security and privacy frameworks.

Cyberplc

Cyberplc

Cyberplc is a global cybersecurity consulting firm providing services to government, the public sector and enterprises.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.