- Security TWENTY
- Women in Security Awards
Data security is now more vital than ever. Paul Vidic, Director, Certes Networks, outlines how AI and machine learning will play a fundamental role in enabling organisations to detect, react to – even prevent – emerging cyber threats more promptly and effectively than ever.
Today’s cybersecurity threats are incredibly smart and sophisticated. Security experts face a daily battle to identify and assess new risks, identify possible mitigation measures and decide what to do about the residual risk.
This next generation of cybersecurity threats require agile and intelligent programs that can rapidly adapt to new and unforeseen attacks. AI and machine learning’s ability to meet this challenge is recognised by cybersecurity experts, the majority of whom believe it is fundamental to the future of cybersecurity.
Why is cybersecurity so important?
Cybersecurity is important because it encompasses everything that pertains to protecting our sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems from attempted theft and damage. As the whole world is becoming more digitalised, cybercrime is now one of the biggest threats to all businesses and government organisations around the world.
According to recent reports, cyber criminals exposed 2.8 billion consumer data records in 2018, costing US organisations over $654 billion. Meanwhile, the 2019 Ninth Annual Cost of Cybercrime Study calculated the total value of risk as $US5.2 trillion globally over the next five years. The same report identified the use of automation, advanced analytics and security intelligence to manage the rising cost of discovering attacks.
Enter AI Machine Learning
Artificial Intelligence (AI) and machine learning technologies address these challenges and are giving rise to new possibilities for cybersecurity threat protection. AI in cybersecurity plays an important role in threat detection, pattern recognition, and response time reduction. Adopting AI in cybersecurity offers better solutions when it comes to analysing massive quantities of data, speeding up response times, and increasing efficiency of often under-resourced security teams. AI is designed and trained to collect, store, analyse and process significant amounts of data from both structured and unstructured sources. Deploying technologies such as machine learning and deep learning allows the AI to constantly evolve and improve its knowledge about cybersecurity threats and cyber risk.
For example, by recognising patterns in our environment and applying complex analytics, AI enables us to automatically flag unusual patterns and enable detection of network problems and cyber-attacks in real-time. This visibility supplies deeper insights into the threat landscape which in turn informs the machine learning. This means that AI-based security systems are constantly learning, adapting and improving.
Risk identification is an essential feature of adopting artificial intelligence in cybersecurity. AI’s data processing capability is able to reason and identify threats through different channels, such as malicious software, suspicious IP addresses, or virus files.
Moreover, cyber-attacks can be predicted by tracking threats through cybersecurity analytics which uses data to create predictive analyses of how and when cyber-attacks will occur. The network activity can be analysed while also comparing data samples using predictive analytics algorithms. In other words, AI systems can predict and recognise a risk before the actual cyber-attack strikes.
Of course, fundamental security measures such as malware scanning, firewalls, access controls, encryption, and policy definition and enforcement remain as important as ever. AI does not replace these; rather, it complements them. However, as AI and machine learning technologies continue to mature, it is possible to imagine a time when the cybersecurity industry – having long been at the mercy of the malevolent hacker – may finally have the tools to take the lead.