Organisations Are Adopting AI For Cyber Security

Uploaded on 2020-02-26 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, TECHNOLOGY--Developments, TECHNOLOGY--Resilience

Artificial Intelligence has come a long way. The beginnings of modern AI can be traced to classical philosophers' attempts to describe human thinking as a symbolic system. But the field of AI wasn't formally founded until 1956, at a conference at Dartmouth College, in New Hampshire where the term "artificial intelligence" was coined.

In the Internet Age, more and more organisations are using AI to raise productivity, improve sales and improve customers experiences. But they are also turning to it to shore up their defenses against cyber crime and many firms are already using AI in their cybersecurity initiatives, or plan to introduce it very soon.

To do so successfully, they should build a roadmap for implementing AI in cybersecurity. 

However, 56% of the firms surveyed by Proofpoint say their cybersecurity analysts are overwhelmed, while 23% say they are not able to successfully investigate all identified incidents. Furthrmore, 42% report an increase in incidents through time- sensitive applications. 

The Capgemini Research Institute recently found that one in five organisations used AI cyber security before 2019, with almost two-thirds planning to implement it during 2020.

The technology is used across the board in the detection and response to cyberattacks.But as with mny advances in technology, criminals and the military enemy are using AI technology to increase the speed, effectiveness and impact of hacks. 

Organisations now find themselves in an arms race. One that we can only win by embracing this rapidly evolving technology as part of a broad, deep defence.

Artificial Intelligence in Cyber Security 
There’s no doubt that the cyber security industry is convinced of the worth of artificial intelligence. The AI cyber security market is already valued at $8.8b and is expected to be over $38b by 2026. What started out with fairly simple yet effective use cases, such as the email spam filter, has now expanded across every function of the cyber security team.

Today, AI is a vital line of defence against a wide range of threats, including people-centric attacks such as phishing. Every phishing email leaves behind it a trail of data. This data can be collected and analysed by machine learning algorithms to calculate the risk of potentially harmful emails by checking for known malicious hallmarks. 

The level of analysis can also extend to scanning attached files and URLs within the body of a message, and even, thanks to a type of machine learning known as computer vision, to detecting websites that impersonate the login pages of major phishing targets. The same machine learning model can also be applied to other common threats such as malware, which grows and evolves over time and often does considerable damage before an organisation knows what it’s up against. 

Cyber security defences that employ AI can combat such threats with greater speed, relying on data and learnings from previous, similar attacks to predict and prevent its spread. As the technology continues to develop, so too will its prevalence within cyber security defence.   

Over 70% of organisations are currently testing use cases for AI cyber security for everything from fraud and intrusion detection to risk scoring and user/machine behavioural analysis.

Perhaps the biggest benefit of AI, however, is its speed. Machine learning algorithms can quickly apply complex pattern recognition techniques to spot and thwart attacks much faster than any human.

Artificial Intelligence in Cyber Attacks and Security
Unfortunately, while AI is making great strides in defending against common threats, it’s making it far easier for cyber-criminals to execute them too.

Phishing: AI has the potential to supercharge this threat, increasing the ease, speed and surface of an attack. Even rudimentary machine learning algorithms can monitor correspondence and credentials within a compromised account. 
Before long, the AI could mimic the correspondence style of the victim to spread malicious emails far and wide, repeating the attack again and again.
Malware: AI can facilitate the delivery of highly-targeted, undetectable attacks. IBM’s AI-powered malware proof of concept, DeepLocker, is able to leverage publicly available data to conceal itself from cyber security tools, lying dormant until it reaches its intended target. Once it detects the target, either via facial or voice recognition, it executes its malicious payload.

AI’s speed will also likely prove to be a major benefit for cybercriminals, as it is for those of us defending against it. Machine learning could be deployed to circumnavigate and break through cyber security defences faster than most prevention or detection tools could keep up.

 AI will not only exacerbate existing threats – it’s already creating new ones. Sophisticated machine learning techniques can mimic and distort audio and video to facilitate cyberattacks. We have already seen this technology, known as DeepFakes, in the wild. In March of this year, an unknown hacking group used this approach. The group impersonated the parent company’s CEO to convince the subsidiary managing director to make an urgent transfer to a Hungarian supplier. Convinced he was talking to his boss, the he complied with the request and the money was successfully stolen.

As AI becomes ever-more convincing in its ability to ape human communication, attacks of this nature are likely to become increasingly common.

Winning the AI Arms Race
When you find yourself in an arms race, the only way to win is to stay ahead. For the cyber security industry, this is nothing new. While the tactics and technologies may have changed, the battle to stay in front has raged for decades.
In this latest standoff, to keep pace with AI-powered threats, we must embrace AI-powered defence. That being said, AI should not be considered the universal panacea.

When it comes to successfully defending against modern cyberattacks, there is no silver bullet, AI or otherwise. A strong defence must be deep, multifaceted and, despite the ‘rise of the machines’, people-centric.

There is no doubt that artificial intelligence is now a hugely important line of cyber defence. But it cannot and should not replace all previous techniques. Instead, we must add it to an increasingly sophisticated toolkit, designed to protect against rapidly evolving threats.

Live Science:       CapGemini:       Information Age:     Image: Alan Lomas

You Might Also Read: 

The Human Effect On AI Security:

 

 

 

« Hamas Hackers Use New Malware
McLaren F1 Racing Are Cyber Secure With Darktrace »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

Cybrary

Cybrary

Cybrary is an open-source cyber security and IT learning and certification preparation platform.

Cybersecurity Advisors Network (CyAN)

Cybersecurity Advisors Network (CyAN)

CyAN provides a not-for-profit platform that helps private and public organisations as well as governments to identify trusted advisors in the area of Cyber Security and Cyber Crime.

SMESEC

SMESEC

SMESEC is a lightweight Cybersecurity framework for protecting small and medium-sized enterprises (SME) against Cyber threats.

Octane OC

Octane OC

OCTANe is building the SoCal of tomorrow. We drive innovation and growth by connecting people, resources and capital. Our Incubator focus is FinTech, Data Analytics and Cybersecurity.

ForAllSecure

ForAllSecure

ForAllSecure’s mission is to make the world’s software safe by pioneering autonomous cybersecurity tools that automatically find and fix vulnerabilities in run-time executable software.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

Falcongaze

Falcongaze

Falcongaze SecureTower is a comprehensive DLP solution for the protection of business against internal threats.

South East Cyber Resilience Centre (SECRC)

South East Cyber Resilience Centre (SECRC)

The South East Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

ISECURION Technology & Consulting

ISECURION Technology & Consulting

ISECURION is an information security consulting company. We provide a unique blend of services to our customers catering to the current information security landscape.

Rimini Street

Rimini Street

Rimini Street is a global provider of enterprise software support products and services, and the leading third-party support provider for Oracle and SAP software products.

Gravitee

Gravitee

Gravitee helps organizations manage and secure their entire API lifecycle with solutions for API design, management, security, productization, real-time observability, and more.

PreVeil

PreVeil

We started PreVeil to bring radically better security to ordinary business and personal communication and information storage.

Splashtop

Splashtop

Splashtop’s cloud-based, secure, and easily managed remote access solution is increasingly replacing legacy approaches such as virtual private networks.

CyberAI Group

CyberAI Group

CyberAI's mission is to pioneer the evolution of the cybersecurity landscape globally, by strategically acquiring and elevating IT consulting firms into leaders of cybersecurity innovation.