Artificial intelligence and cybersecurity: The rise of the machines
INSIGHT ARTICLE |
When we hear references to artificial intelligence (AI) in concert with cybersecurity, images of dystopian futurescapes wasted by malignant robots often come to mind. In reality, these attacks are no longer the stuff of Hollywood imagination. The cyber-threat landscape is changing, steadily becoming more exposed to large-scale, automated cyber attacks. Sophisticated threat-actors have access to highly advanced technology capabilities. Using machine learning (ML) to orchestrate and execute cyber attacks and counter organizational defence, hackers can launch multiple attacks, change attack vectors on the fly – based on responses – and then auto-adopt the attack strategy for increased success. While this certainly seems scary and daunting, all is not lost – the techniques used to attack can also be used to defend. AI and ML models and software are increasingly used by organizations to create highly adaptive, super-responsive shields.
The cybersecurity of the future needs to adapt; it must learn how to find what it has not yet encountered. Self-learning AI networks capable of defending themselves embody this adaptation. These technologies respond in real time, identifying and independently answering cyber threats as they happen.
Many small and medium-sized organizations (SMEs) erroneously believe that they have nothing of value as far as hackers are concerned. This can be a costly misconception. What all companies need to understand is that any organization is a target and any data is worth money. Furthermore, the cost of an attack has reduced to a point where the size of the organization is irrelevant. SMEs are as equally vulnerable to a breach as large organizations.
One of the main changes we have seen is the mainstreaming of hacking. Hackers have become highly organized and complex.
As the volume of attacks grows, we have seen large, powerful, malicious governments and organizations with the capability to create automated machine-based attacks. These actors are looking to perpetrate cybercrime on a grand scale, whether to disrupt other governments or penetrate desirable industries. Cyber attacks on this scale involve rooms full of hackers, often state-sponsored and funded.
The numbers behind cybercrime
According to a recent study conducted by Enterprise Strategy Group (ESG), a Boston-based IT research firm,
12 per cent of the organizations surveyed are already using AI-based security analytics widely. An additional 27 per cent of firms surveyed have partially implemented AI-based cybersecurity. As 2018 progresses, these number will only increase.
Similarly, a study conducted by Symantec, the manufacturer of Norton antivirus, found that in 2017 alone, Canadians experienced the following:
- Thirty-seven per cent of Canadians had experienced some form of online security threat;
- Twenty-nine per cent experienced a credit or debit card scam; and
- Twenty percent were involved in a data breach.
Symantec’s 2017 Internet Security Threat Report revealed that since 2010, over 7.1 billion identities have been exposed in data breaches around the world.
Where AI comes into play
As much as the bad guys are using automated attacking techniques, the same strategy is being applied to defence mechanisms. Relatively recent developments in AI and ML have given cybersecurity professionals important tools. AI-based cybersecurity functions as a cyber immune system; it allows IT security professionals to spend their energy on high-value work, knowing the system is constantly at work, constantly monitoring. These systems defend organizations from even machine-speed attacks and are compatible in all situations.
The volume of data that a machine can process and the speed at which problems can be detected versus the time it takes a human being to find them marks the real security benefit.
AI combined with ML allows companies to create a security response that resembles the human immune system; it constantly adapts. Whereas traditional software typically only protects against known threats, ML doesn't need individual signatures to spot an issue. AI and ML systems depend on patterns as well as the overall behaviour of the network. It ‘understands what is normal’ and monitors accordingly. Anything out of the ordinary it can quickly isolate and flag, either giving the human IT professionals the notification that something is off in a matter of seconds or taking care of the threat itself by following a set of pre-programmed rules.
Not only are AI and ML systems better equipped to protect against unknown threats, their reaction time is so fast they can quarantine in seconds what would take a human being the better part of a day to locate and isolate, thus limiting damage exponentially.
Also, security systems operated using AI ad ML provide collective intelligence across the network, not simply from one machine. Updates can be sent back to the server and updated instantaneously.
Next steps for your firm
While it may be daunting for many firms to invest the funds necessary to upgrade their security systems, the price of not doing so can be a lot higher. The costs of data infractions have grown exponentially over the last few years and the cost of a security incident – including the dent to the company’s reputation – as well as penalties that could be levied add up significantly. In light of this, reprioritizing the budget to facilitate cybersecurity becomes a strategic business decision.
In terms of adoption, ESG’s research found:
- 29 per cent of organizations intend to apply AI-based systems to incident detection, allowing them to improve security alerts and unify their internal incident detection reports across different tools;
- 27 per cent expect AI-based systems to speed up their response to security breaches, which entails refining operations, prioritizing incidents correctly, and using automation effectively;
- 24 per cent plan to use AI-based systems to assist their businesses in effectively recognizing and communicating risks to the business. AI can quickly parse realms of data to quarantine high-risk incidents that require immediate action;
- 22 per cent will employ AI-based systems to develop their situational awareness, using AI to provide a cohesive view of the state of their security across their network.
When beginning to assess the security needs of your firm, starting with the recommendations of your internal IT team is an initial step, but specialized knowledge in the field of cybersecurity is evolving rapidly. Seek input from an external cybersecurity consultant also, to gain access to their knowledge. External consultants who specialize in cybersecurity have a wealth of collective knowledge gleaned from multiple industries and scenarios which can benefit your firm.
Remember, taking a proactive approach to cybersecurity is a strategic business decision. Reach out to an RSM professional to learn more.