Artificial Intelligence Is Cyber Defence

Uploaded on 2018-03-09 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Developments

Cybersecurity companies estimate that new malware variants are introduced at a daily rate of up to 390,000. With each hour that passes, at least 13,000 new files emerge. Humans simply cannot keep up with them, which is why cybersecurity analysts are turning to artificial intelligence (AI) for help.

Fighting the constantly evolving and morphing threat landscape requires a combination of detection and a single view of threat data, in addition to the traditional methods of signature-based malware detection and blocking.

AI helps spot trends, patterns, and anomalies in data that the naked eye cannot discern to help identify and mitigate new types of malware.

A single view of threat data places all the relevant information in one place to empower the people on the front lines of the battle against cybercriminals, especially as attacks continue to rise.

AI Security Battle

As new malware files constantly burst into the cyber scene, an increase in cyberattacks is all but inevitable. In 2016, 638 million ransomware attacks were recorded, more than 167 times the number of incidents in the previous year.

Threats are getting more frequent, varied, and severe. But it takes only one successful try for hackers to break into a network, while defenders must successfully fend off attacks every time.

That’s no easy feat, considering that big data, social media, and the digitization of business processes create enormous volumes of data that have to be processed to find malware indicators.

Security platforms can handle thousands of events per second, but that still isn’t enough to manage the threat landscape.

On top of that, there aren’t enough experienced cybersecurity professionals to keep up with it all. Colleges have only recently started to weave cybersecurity courses into their computer science curricula. It will take some time before the cybersecurity skills gap is filled—if that ever happens, considering how fast the threat landscape changes.

In any case, cyber-criminals aren’t waiting for new people to enter the cyber-security profession to give them a fair shake.

The answer, therefore, is to train AI models to do the job of security analysts by automating manual tasks that are traditionally performed by security operations centers (SOCs).

Security teams are using behavioral analytics and machine learning capabilities to process millions of events per second and detect the subtlest hints of malware.

Use Machine Learning

The herculean task of spotting patterns and anomalies to identify new types of malware requires sifting through eye-popping volumes of data from multiple sources, including threat intelligence reports, IP addresses, white- and blacklists, and millions of endpoints.

Machine learning is helping to spot previously unknown threats, including some ransomware strains, threats traditional security tools miss because they rely on signatures, or static rules, from known malware to stop potential infections.

Most machine learning technology is supervised, meaning humans are required to continually introduce new data to train the algorithms in use. This helps refine results to keep them relevant. Going forward, the goal is to utilize unsupervised machine learning, whereby the dynamic models perform most of the work on their own.

AI brings a Single Security View

As AI security models evolve, chief information security officers (CISOs) and their staffs need a straightforward way to review data so they can act on it. Just as organisations benefit from a single view of all their data, from internal processes, customers, partners, and supply chains, so do security teams when preparing cyber defenses.

A single view lets security teams access all threat data in one place, including the results produced by machine learning models. Using one dashboard, cyber-security professionals can review, at a granular level, all data samples flagged as potential malware.

This will help them discern good from bad. If something is bad, security teams will be able to determine what makes it so, and build behavioral profiles and tailored responses to protect against the threats.

An aggregate view of threat data allows cyber-security professionals to focus on risks in addition to responding to threats. They can figure out what causes and constitutes risk, and how to make realistic predictions of incremental risk going forward. As such, security professionals are better able to make a case to the C-suite for the necessary security investments.

Without a single view, it’s tougher to make sense of an organisation’s ever-increasing volumes of threat data and spot some of the subtlest threats.

With that in mind, organisations should consider integrating their AI security initiatives with a single view to better protect themselves against an increasingly dangerous threat landscape.

HortonWorks:

You Might Also Read: 

AI Will Underpin Cybersecurity:

AI Cyber Attacks Will Be Almost Impossible For Humans to Stop:

« Cybercriminals Use Fake Websites
Combating The Threat Of Malicious AI »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

City Security Magazine

City Security Magazine

City Security magazine helps promote best security practices and keep businesses informed on a wide variety of security-related issues.

Hogan Lovells

Hogan Lovells

Hogan Lovells is an international business law firm with offices across Europe, Asia and the USA. Practice areas include Privacy & Cybersecurity.

Norton Rose Fulbright

Norton Rose Fulbright

Norton Rose Fulbright is a global business law firm. Practice areas include Data protection, Privacy and Cybersecurity.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

CyberSwarm

CyberSwarm

CyberSwarm is developing a neuromorphic System-on-a-Chip dedicated to cybersecurity which helps organizations secure communication between connected devices and protect critical business assets.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

10dot Cloud Security

10dot Cloud Security

10dot Cloud Security is a security service management company. Our solutions give you contextualised visibility into your network security.

Foretrace

Foretrace

Foretrace aims to prevent, assess, and contain the exposure of customer accounts, domains, and systems to malicious actors.

FDD Center on Cyber and Technology Innovation (CCTI)

FDD Center on Cyber and Technology Innovation (CCTI)

The Foundation for Defense of Democracies is a nonprofit research institute focusing on foreign policy and national security. Ares of focus include cyber security and technology innovation.

First Focus

First Focus

First Focus is a managed service provider for medium-sized organisations.

CI-ISAC Australia

CI-ISAC Australia

CI-ISAC has been designed to support and promote existing legislation and Government initiatives that are working to uplift cyber resilience across critical infrastructure sectors.

NETAND

NETAND

NETAND privileged access and identity management solutions will secure your business from cyber threats.

Var Group

Var Group

Var Group is one of the main partners for innovation in the ICT sector in Italy.

Avanade

Avanade

Avanade is a leading provider of innovative digital, cloud and advisory services, industry solutions and design-led experiences across the Microsoft ecosystem.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).