AI Is Evolving Into A Business Necessity

The events of  2020 suggest the next decade decade will be dramatically different than the one before it and it is crucial that  business leaders prepare for the next 10 years unlike any others. In particular, driven by the Coronavirus epidemic Artificial Intelligence (AI) has become an imperative for companies across many industries where it is creating real business value and gaining rapid  adoption. According to  the McKinsey Global Survey “nearly 25 percent year-over-year increase in the use of AI in standard business processes”. 

The transformative power of AI is already affecting a range of functions, including customer service, brand management, operations, people and culture, and more recently, risk management and compliance.

As Business, Education, Healthcare and almost every other aspect of the modern world has embraced the internet, cyber crime has emerged as global marketplace for professional hacking services and governments have turned to advanced cyber attack tools as a means of causing physical damage and disruption to their adversaries’ critical infrastructure. A key milestone came in 2017 when the destructive ransomware WannaCry and NotPetya caught the security world unaware, bypassing traditional tools like firewalls to cripple thousands of organisations across 150 countries, including a number of NHS agencies.

A critical response to the onset of increasingly sophisticated and novel attacks has been AI-powered network defence, a development driven by the philosophy that information about yesterday’s attacks cannot predict tomorrow’s threats. 

Today, thousands of organisations have embraced AI to understand what is ‘normal’ for their digital environment and identify behaviour that is anomalous and potentially threatening. Many have even entrusted machine algorithms to autonomously interrupt fast-moving attacks. This active, defensive use of AI has changed the role of security teams fundamentally, freeing up humans to focus on higher level tasks.

AI Systems Create New Risks 

Early experience shows that AI can create new types of risks for businesses. In hiring and credit, AI may amplify historical bias against female and minority background applicants, while in healthcare it may lead to opaque decisions because of its 'black box' problem. These risks are amplified by the inherent complexity of deep learning models which may contain hundreds of millions of parameters. This encourages companies to procure third-party vendors’ solutions about which they know little of the inner functioning.

Today, offensive AI can used throughout the attack life cycle, from the use natural language processing to understand written language and to create customised  spear-phishing emails at scale or image classification to speed up the exfiltration of sensitive documents. A recent study by Forrester found that 88% of security professionals expect AI-driven attacks will become mainstream in what has already proven to be an era of hyper-change in cyber-attacks, and close to half of them see this happening in the next year, it is only a matter of time. 

There are now offensive AI prototypes available that autonomously determine an organisation’s most high-profile targets based on their social media exposure, all in a matter of seconds. The AI then creates customised phishing emails and selects a plausible fake sender identity to trick victims into clicking on a malicious link or opening an attachment that will grant further access into the target organisation. 

These have been tested against a defensive AI, mimicking what we expect to see happening  in the real world where one AI is combating another in a war of algorithms.

One the leading cyber AI companies, Darktraceclaim that its Cyber AI Analyst product has performed millions of threat investigations, mimicking human thought processes to zoom in on and explore potential threats and then report on the severity of an attack.

Today, thousands of organisations rely on Cyber AI Analyst to run investigations alongside their teams, delivering a 92% time saving.

Mike Beck, Global CISO at Darktrace, commented, “Today it is almost impossible for human security teams to get through the data and intelligence necessary to perform a meaningful investigation in the time available to them. “AI-powered threat investigation has become the de facto way to scale up security operations and prevent more breaches, with Cyber AI Analyst carrying out on average 1.4 million investigations every week.”

WEF:          Forrester:        Darktrace:        Information Age

You Might Also Read:

Artificial Intelligence Is The Future Of Security:

 

« Facebook & Google Will Be Regulated
The Big US Tech Corporations Are A ‘Monopoly of Power’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

National Cyber Security Centre (CNCS) - Portugal

National Cyber Security Centre (CNCS) - Portugal

CNCS is the operational coordinator and Portuguese national authority in cybersecurity working with State entities, and digital service providers

Deltagon

Deltagon

Deltagon develops information security solutions to protect companies’ confidential information in e-communication and e-services.

ENVEIL

ENVEIL

ENVEIL’s technology is the first scalable commercial solution to cryptographically secure Data in Use.

Bavarian IT Security Cluster

Bavarian IT Security Cluster

The Bavarian IT Security Cluster works to build regional IT security competencies and increase the competitiveness and market opportunities of its member companies.

TunnelBear

TunnelBear

TunnelBear is a Virtual Private Network services provider offering secure encrypted access to the internet.

Blake, Cassels & Graydon (Blakes)

Blake, Cassels & Graydon (Blakes)

Blakes is one of Canada’s top business law firms serving national and international clients in specialist areas including cyber security.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

Lumu Technologies

Lumu Technologies

Lumu is a cybersecurity company that illuminates threats and attacks affecting enterprises worldwide.

Next47

Next47

Next47 is a global venture firm, backed by Siemens, committed to turning today's impossible ideas into tomorrow's indispensable industries.

Cylera

Cylera

Cylera is a Healthcare IoT cybersecurity and intelligence company built in close partnership with healthcare providers.

iTechArt Group

iTechArt Group

iTechArt is a top-tier custom software development company offering Cybersecurity Consulting, Application Security Testing, Risk Management and Compliance, and Infrastructure Security services.

KirkpatrickPrice

KirkpatrickPrice

KirkpatrickPrice is dedicated to providing you with innovative security guidance and efficient audit services.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.