Machine Learning Transforms Threat Detection

Uploaded on 2020-07-28 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY--Developments

Organisations and business are being swamped by billions of attempted cyber hacks on a daily basis, which is overwhelming human analysis, however, Machine Learning (ML) is now tipping the advantage toward defenders as it can significantly improve cyber threat detection and prevent threats. ML can manage many information sources and super-correlate information in the millions, billions and trillions daily.

ML comprehends threats in real time, understands the infrastructure of a company and its network design and attack vectors, and protects and defends with human talent and machine power. The algorithm is capable of massive amounts of data mining and these machines don’t stop whereas humans need breaks and sleep.

Improved Detection

An algorithm can learn from its mistakes on the fly. This allows it to always be on its A game. It's always the best version of itself because it's always improving its game. A good ML discipline is one that can "see" patterns of behavior, guessing the form of an attack and how to fight back. The algorithm can be trained with different types of attacks, can learn the methods to gain privileged access and lateral movements, and can even adapt in real time to a situation. An excellent ML approach can learn from false positives.

False positives will always exist, but they're reduced with each interaction with an algorithm because the machine is continuously learning. After implementing an ML system, false positives can be reduced by 50% to 90%.

While ML decreases false positives, it can increase the speed at which threats are detected. That can dramatically shrink the window of compromise for a system. ML detect threats quickly known and unknown threats with unsupervised and reinforced learning. That's why in the chess game between adversary and defender, once an attacker makes a move, all the outcomes from that move can be determined through ML and flagged or blocked.

Cyber Criminals Can Use ML Too

Cyber criminals realise that they can use ML to automate their attacks and eliminate most human intervention. They can write an algorithm, train it with a pattern of attack, and, while the machine is running its sorties, can kick back with a martini by the pool.

That's why defenders need to use ML at every attack vector, at the gateways, at the endpoints, in the cloud, because if there's a gap in a system's defenses, an adversary's ML algorithm will find it. The new cyber-criminal isn't some kid in a dark basement with a computer. It's often a criminal group that's using ML to launch large-scale attacks on thousands of companies at the click of a virtual button.

The Human Factor

Skilled human analysts are sill needed to confirm some actions, make final decisions, and identify exceptions. But with over a million cybersecurity jobs vacancies worldwide, there aren't enough analysts to go around. The large majority of tasks security analysts are being saddled with now is triage work, sorting through threats to find those that need further scrutiny. Fortunately, that kind of work can be done with ML in an effective and efficient way, freeing up analysts' time to address serious threats.

The COVID-19 pandemic has accelerated this shift from off-line processes towards on-line across organisational functions, whether they are corporate, government, or non-profit organisations. Consequently, enterprises have witnessed a significant growth in data and information generated during this pandemic period.

Organisations, particularly in the financial services sector, are investing significantly in Blockchain technology to prepare for the future. Blockchain could become one of the game-changers for the entire world.

The implementation of Artificial Intelligence (AI) and Machine Learning (ML) systems may serve as a solution, bringing with them many benefits in helping to prepare the cyber-security workforce of tomorrow. Currently, the technology’s ability is simple, yet is still of great benefit, in that human staff are freed up to focus on more complex threats, with the AI/ML shield in place to deal with the high volume of more low-level attacks.

Splunk:        TechBeacon:       Enterprise Talk:         Enterprise Talk:      Forrester:      

You Might Also Read: 

AI, Machine Learning & Deep Learning… Whats The Difference?:  

 

« Critical Infrastructure And Cyber Security
Cyber Crime Cost UK Businesses £87billion »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigiCert

DigiCert

DigiCert is the only provider of enterprise-grade SSL, IoT and PKI solutions. Our certificates are trusted everywhere, millions of times every day, by companies across the globe.

Attivo Networks

Attivo Networks

Attivo Networks is an award winning provider of deception for in-network threat detection, attack forensic analysis, and continuous threat response.

Celare

Celare

Celare delivers DPI based network perimeter monitoring solutions with integrated Big Data security analytics and threat detection.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

Defence Intelligence

Defence Intelligence

Defence Intelligence is an information security firm specializing in advanced malware protection.

Quadron Cybersecurity Services

Quadron Cybersecurity Services

Quadron Cybersecurity Services is a specialist in digital security, data and system protection.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Cryptshare

Cryptshare

Cryptshare is a communication solution that enables you to share e-mails and files of any size securely.

PSYND

PSYND

PSYND is a Swiss consultancy company based in Geneva specialized in CyberSecurity and Identity & Access Management.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

YL Ventures

YL Ventures

YL Ventures funds and supports brilliant Israeli tech entrepreneurs from seed to lead.

Evolution Equity Partners

Evolution Equity Partners

Evolution Equity Partners is an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cyber-security and enterprise software companies.

Defscope

Defscope

Defscope is an Azerbaijani company entirely focused on cybersecurity offering training, security consulting, and other professional services.

GTT Communications

GTT Communications

GTT are a global network provider that serves thousands of multinational and national enterprise, government and carrier customers with a portfolio of advanced connectivity and security services.

Fulcrum IT Partners

Fulcrum IT Partners

Fulcrum IT Partners is the parent company of an expanding portfolio of established IT solution companies around the world with proven expertise in cyber security, cloud, and managed services.

GO Business

GO Business

GO Business are a specialised B2B team within GO that caters to the communication needs of the local business community in Malta.