AI Helps Organisations Resist Cyber Crime

As hackers continuously devise new techniques, adapting the latest technology innovations including machine learning and artificial intelligence to devise more destructive forms of attack. AI has the potential to become the principal weapon in the battle against cyber crime.

AI can be used in cyber security to help detect and mitigate threats, as well as build resilience into organisational operations. Clear measures must be put in place to ensure the AI for cyber is adding value to a company’s overall cyber security strategy.

Curating threat intelligence from millions of research papers, blogs and news stories, AI provides instant insights to help cut through the noise of thousands of daily alerts drastically reducing response times. AI and machine learning techniques a hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. 

There are clear advantages to using AI to automate certain cyber security tasks. Identification of these patterns can contribute to building predictive models to identify attacks before they occur or to provide decision support while an attack is underway.

Organisations are embracing AI, but at the same time the technology is exposing them to new security threats. Cyber-attacks and threats are considered major disruptors to businesses, nations and consumers alike. Artificial intelligence is seen as a major disruptive force too, but of the positive kind, fueling a new era of hyper connectivity, hyper intelligence and hyper performance. 

An increasingly complex business environment is leading organisations to embrace forms of artificial intelligence such as machine learning and facial recognition technology, while using data to build more intimate relationships with consumers.  However. many of these powerful innovations serve to increase thee ‘attack surfaces’ of an organisation, multiplying the level of vulnerability to cyber crime.

Cyber criminals are starting to use AI using to help drive attacks, employing the technology to uncover unsecured points of entry in enterprise networks. 

There are documented cases of criminals using deep fake technology to imitate the voice of company CEOs, leading to the Israel National Cyber Directorate warning against phishing attacks that are being used to demand access to secure networks, or ever money transfers.  In response to these growing threats, China passed a law that makes it a criminal offence to publish deep fakes or fake news without disclosure, while California criminalised the use of the technology in political advertising.
The question organisations are facing as they increasingly rely on AI in their business operations, is can the opportunities offered by AI be leveraged in cyber security to help better prepare, detect and respond to cyber threats or will it further propagate them?

AI For Cyber Security

In October 2019, the World Economic Forum ranked cyber attacks among the top ten global risks of highest concern, tipped to cost business an estimated -US90 trillion over a ten-year-period.  In fact, according to PwC’s 2019 Digital Trust Insights Survey of 3,500 global organisations, 47 percent said they had experienced operational downtime due to a cyber incident between 2017 and 2019.

Companies need to improve the speed at which they detect cyber threats because hackers are now employing AI to discover points of entry in enterprise networks. Deploying AI software to guard against AI-augmented hacking attempts has therefore become a necessary part of cyber security defense protocols. For instance, AI, when used with cyber security, can accelerate processes such as phishing detection via image recognition and automated tracking. Techniques such as natural language processing, data collection and automation can help organisations classify data more effectively, creating better safeguards against future data leaks. 

Platforms that use machine learning can help companies detect suspicious changes in behaviour and draw on the power of ‘deep learning’ to fend off predicted cyber-attacks.

The growing relationship between AI and cyber security has given rise to platforms and technologies that are leveraging big data, AI and automation to make accurate decisions in cyberspace as well as help scale the cyber operations at a much faster rate than is possible with manual human analysis. But how can organisations use AI to become more resilient to cyber crime and anticipate and respond to changes in the threat landscape over time? 

Here are three strategies for putting AI as a core component of your cyber security strategy, and set the stage for secure growth.

1.Identify the cyber security areas where AI can be applied (and will be most effective) it’s critical to consider where AI will bring the most value from a cyber security perspective. Examples include using AI to automate security operations and enable human-like decision making, ensuring that the vulnerabilities in your environment are classified and rated appropriately for remediation, implementing machine learning algorithms to look for anomalous user behaviour or using natural language processing to classify sensitive data in order to better protect it from future threats.

The power of AI for cyber is about automating manual processes or detecting potential attacks before they happen. But moreover, it’s also about the ability for AI to adapt its detection mechanisms to better understand and respond to the changing threat landscape as cyber criminals become more sophisticated.

2. Invest in developing AI-driven cyber security models to augment current cyber capabilities. Organisations are becoming increasingly wise to the ways in which AI is revolutionising cyber security. According to the PWC Digital Trust Insights survey, 41 percent say that their cyber security team uses automation and emerging technologies for threat intelligence, defence and recovery. AI driven cyber security models can run alongside existing automation engines to help take decisions that need intelligence and sophisticated interpretation capabilities.

3. Measure the ways in which AI is adding value to cyber security capabilities. An AI-driven cyber strategy should promote a proactive approach in anticipating and responding to the threat landscape, while fostering data-driven intelligence that grows and evolves at scale. Organisations need protocols in place to measure the ways in which AI and cyber security are working together and govern cyber security strategies. AI is proving the power of technology to augment human decision making and build trust, and in the process, re-imagining cybersecurity in the process. 

Ultimately, an AI-enabled cyber security will lay the foundation for a smarter organisation that holds resilience and intelligence at its heart. AI programs can sift through petabytes of data, identifying anomalies and even helping an organisation recognise and diagnose intrusions before they turn into catastrophic attacks. 

AI can also be used to continually monitor and allocate levels of access to a network’s multitude of legitimate users, whether employees, customers, partners or suppliers, to ensure that all parties have the access they need, but only the access they need.

IBM:       PWC:      Computer Weekly:      Security Informed

You Might Also Read:

Advanced AI For Cyber Operations:

 

« Cyber Security Industry Growth Rate Will Reduce
VPNs – Training and Access – both now available on CYRIN »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

Zimperium

Zimperium

Zimperium offers enterprise class protection for mobile devices against the next generation of advanced mobile attacks.

Cymulate

Cymulate

Cymulate is a SaaS-based breach and attack simulation platform that makes it simple to know and optimize your security posture any time, all the time.

ISMS Accreditation Center (ISMS-AC)

ISMS Accreditation Center (ISMS-AC)

ISMS-AC is the national accreditation body for Japan. The directory of members provides details of organisations offering certification services for ISO 27001.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

DKBInnovative

DKBInnovative

DKBinnovative is a best-practice driven IT management firm that provides secure, reliable IT solutions to productivity-focused clients around the globe.

Traced

Traced

At Traced, our aim is to redefine mobile cyber security to provide the best possible protection to everyone against breaches of privacy and security.

Enso Security

Enso Security

Enso is the first Application Security Posture Management (ASPM) solution, helping security teams everywhere eliminate their AppSec chaos with application discovery, classification and management.

Input Output (IOHK)

Input Output (IOHK)

IOHK is one of the world's pre-eminent blockchain infrastructure research and engineering companies.

General Informatics

General Informatics

General Informatics is a team of technology enthusiasts with one mission: to make our clients even more successful through the best use of technology.

Darkscope

Darkscope

Darkscope is an award-winning personalised cyber intelligence service provider. Our cutting-edge AI and Deep Artificial Neural Networks lead the world of cyber intelligence solutions.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

Technology Mindz

Technology Mindz

Technology Mindz is a leading provider of cybersecurity services. We offer a wide range of services to help businesses. Our services are Identity and access management, Governance risk and compliance.

Irys Technologies

Irys Technologies

Irys Technologies specialize in pioneering digital transformation solutions designed to streamline communications and enhance maintenance and operational efficiency for a variety of sectors.

UFS Technology

UFS Technology

UFS, the bank technology outfitter for community banks, provides purpose-built, bank-exclusive technology services and solutions including cybersecurity.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.