AI Is The Future Of Defensive Cyber Security

Uploaded on 2022-03-14 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW

Digitalisation and the growing network of industrial machines and systems mean an increased risk of cyber attacks on companies and organisations around the world, as well as an increase in the accuracy and complexity of these attacks. 

Artificial Intelligence (AI) is already widely in cyber security, but often it is difficult to determine and to clarify how AI products and services work. 

In fact, AI is gradually becoming an integral part of cyber security, helping organisations of different sizes and industries increase the efficiency of their cyber security. Information technology and telecommunications are the industries with the fastest and most advanced AI adoption process. While AI won't solve all problems, it provides a growing toolbox for accelerating security workflows and better detecting threats. In fact, there are several ways in which AI is already revolutionising cyber security.

Until recently, most cyber-threat detection was performed using small, handwritten pattern-matching programmes (called signatures, rules, or indicators of compromise). The widespread adoption of AI has changed this. Now, security vendors are working to augment signature-based detection technology with AI being used  in every context -  detecting phishing emails, malicious mobile apps, malicious command executions among others.

There are good reasons why AI is unlikely to  replace signatures, because these technologies are complementary to each other.

  • Signatures are good at detecting known threats, AI algorithms, trained on vast threat databases that cyber security companies have accumulated over the years, are better at detecting previously unseen threats. 
  • Signatures can be written and deployed quickly, while AI technologies take a lot longer to train and deploy. And while signature authors can control precisely what threats their signatures will and won't detect, AI is fundamentally probabilistic and harder to control.

Unfortunately, many security technology vendors are not exploring AI applications beyond the its use for attack-detection and to keep pace with future  threats, it will be necessary to explore new application of AI to reinforce the skills of the human operators who are the most important line of defence against attacks. 

This is a real challenge and requires that cyber security leaders keep track of the rapidly evolving AI research and development space just as we track trends in cyber security practice and cyber security threats. 

Main Functions Of AI in Cyber Security 

Detection:   Organisations use AI mainly to detect cyber threats. According to a research from CapGemini, more than 50% of organisations that have implemented AI-based cyber security solutions use it for detection purposes. This is due to the unique capabilities of AI to identify irregular traffic through machine learning or deep learning.

Prediction:   A considerable number of organisations use AI to predict cyber threats. This is done by scanning through data and making predictions based on the system’s training. 
Organisations that adopt AI for prediction purposes can also use the technology to identify critical vulnerabilities, automatically identify their assets and network topology, and continuously improve their network defences against any potential cyber attacks.

Response:   The AI forms of responding to cyber threats evolve continuously. Organisations can now use AI to detect attacks and stop them at the same time. They can automate the creation of a virtual patch for a detected threat or develop new protection mechanisms in real time. 

AI can helps reduce costs, improve threat response time and respond to breaches, regardless of the  specific characteristics in which it is used.

With the rapid evolution and growing complexity of the  threat landscape, CIOs, CTOs, and IT and SecOps teams have to commit to exploring new and creative ways of applying AI technology that focus on helping the human operators that our network security ultimately depends on.

Organisation which intending to implement strong defensive measures need a skilled and experienced cyber security workforce, which is not easy to find. The number of individuals interested in taking courses in cyber security is increasing. This trend is only expected to grow as the demand is much higher than the supply of cyber skilled security professionals  

For advice and recommendation on  Cyber Security Education & Training please contact Cyber Security Intelligence.

Dark Reading:       Nexus Integra:      PECB:      CapGemini:   Allianz:      Mistral Solutions

You Might Also Read:

Artificial Intelligence Is Being Badly Used In Cyber Security:

 

« New Tools To Detect Cyber Attacks
Zero Trust In The Boardroom »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

OCERT

OCERT

OCERT is the National Computer Emergency Response Team of Oman.

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

AEI Cybersecurity

AEI Cybersecurity

AEI brings together companies, Research Centres, Universities, and other organizations interested in promoting new cybersecurity technologies.

Qatar Computing Research Institute (QCRI)

Qatar Computing Research Institute (QCRI)

QCRI perform cutting-edge research in such areas as Arabic language technologies, social computing, data analytics, distributed systems, cyber security and computational science and engineering.

Governikus

Governikus

Governikus provides solutions for secure data transport, authentication, the use of electronic signatures and cryptography as well as for long-term storage.

SK IT Cyber Security

SK IT Cyber Security

SK IT provide services and solutions for cybersecurity and advanced information system engineering.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

BrandShield

BrandShield

BrandShield is an anti-counterfeiting, anti-phishing and online brand protection solution.

Elevate Security

Elevate Security

Elevate is the leading Security Behavior Platform, changing employee security habits while giving security teams unprecedented visibility.

TestArmy

TestArmy

TestArmy CyberForces provide you with a broad spectrum of cybersecurity services to test every aspect of your IT infrastructure security and software development process.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Data Priva

Data Priva

Data Priva is the UK's leading subscription-based data protection, governance, risk and and compliance service.

HiddenLayer

HiddenLayer

HiddenLayer is a provider of security solutions for machine learning algorithms, models and the data that power them.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Coastline Cybersecurity

Coastline Cybersecurity

Coastline Cyber is a cybersecurity consulting firm dedicated to helping organizations strengthen their security posture by reducing risks, mitigating threats, and protecting against attacks.

CyberSalus

CyberSalus

CyberSalus is a pioneering cyber tech services company dedicated to protecting the digital integrity of healthcare organizations.