Democratising technology for cyber security — sounds like a nice idea. And, it’s entirely necessary.
‘I don’t like those odds’
It is approximately 400 times more expensive to defend against a cyber attack than it is to carry one out, which is why companies are facing a daily onslaught, whether it’s in the form of phishing or DDoS attacks.
Cyber security is expensive, really expensive and only the biggest companies to date have been able to furnish themselves with the technology they need to defend successfully against an attack. But, even these aren’t bullet proof and when it comes to the SMEs; there are horror stories of cyber attacks simply wiping them out.
It’s clear there is a need to democratise technology for cyber security — so that organisations can rely on computing power rather than consulting power — the latter being the far more costly option.
Cyber security consulting
The majority of cyber security today has been delivered using the power of consultants, which makes things terribly expensive and shrouds the whole area in mystery; rather than empowering people to take charge of their own cyber security.
The vendor is crucial to this new, democratic era of cyber security. They need to build solutions that target real problems, not niche or edge problems which often we see a lot of hype and marketing noise around.
That’s why they hold a core tenant of democratising cyber security to be “useful innovation”, this means building solutions that people need in a way that delivers the most value as quickly as possible.
For Red Sift this meant starting with a focus on email security. Given it’s the backbone of businesses everywhere it’s still one of the main entry points for cyber attacks to businesses, so helping people to secure their email is bound to have the largest impact.
Tech Nation’s cyber security cohort: Red Sift’s company profile
Democratising technology for cyber security
The whole idea of democratising technology for cyber security is borne out of the needs of the customer.
“For smaller companies, they can’t afford the consultancy-led approach to deploying cyber security solutions, because cyber security specialists are very hard to find and very rare,” explains Rahul Powar, founder and CEO of Red Sift.
This is an issue that relates to the security talent gap, where it is estimated that three million cyber security jobs are out there globally that are unfilled. The real challenge for smaller organisations then, is what do you do if you can’t get access to these cyber security specialists? AI can help.
The power of AI in cyber security
AI can help organisations, with limited budgets and resources, drive effective cyber security.
AI technologies are getting to the level of sophistication required for this. And, properly implemented they can do quite a lot of what a cyber security professional would otherwise do manually, automatically.
AI in cyber security: predicting and quantifying the threat
What about the larger organisations?
In the large organisations, “we see that the cyber-services led approach tends to favour forensic style investigations and other things that happen after the fact, simply because the data rate or the line rate of whether it’s email traffic or network traffic is generally too hard for people to look at on an event-by-event basis,” explains Powar.
“For our larger customers, the fact that we are deploying things like anti-phishing solutions in line with the messages automatically means that you have less escalation and less manual remediation that has to be done — which most security operations centres really struggle with given the volume of data compared to the number of people they have.”
In these cases, AI can be a real differentiator. The technology starts to alleviate the need for some of these professionals inside security operations for the larger organisations. And for the smaller ones, it allows them to have an automated security operation to some extent.
Cyber security best practice: Definition, diversity, training, responsibility and technology
No silver bullet
However, AI does not represent a silver bullet — one of the dangers in cyber security is believing in this. “Anyone purporting to supply one is doing the industry as a whole, a disservice,” claims Powar.
Any solution that is out in the market needs to sit and operate within a much more complex ecosystem: things like appropriate process, customer and employee education, good cyber hygiene, the right remediation flows, the right escalation flows et cetera. All of these factors are critical when deploying any ‘machine-learning based solution’ that aims to solve an organisation’s cyber security problem.
Instead of replacing, AI-based cyber security solutions should assist and reduce the cognitive load of the employee or customer. “Technology should augment appropriately trained staff members,” says Powar.
How do you make technologies accessible, in terms of price, and deployment and operational complexity?
One of the challenges for a lot of cyber security solutions is they are typically meant to be deployed and operated by experienced cyber security professionals, which is not something that most businesses have access to unless they are past a certain level of size and complexity.
The onus is on the vendors, such as ourselves, if they want to further this democratisation idea, to make their solutions easily understandable. There’s no reason in my mind why a cyber security solution shouldn’t be as easy to deploy and operate as an email account.
Cyber security is relevant for everyone and understandably, many businesses having to deal with it are just not that sophisticated. There is an emerging market for businesses that are trying to create more accessible cyber security solutions for a larger portion of the market than has typically been considered.
Big changes on the horizon
According to Powar, there are going to be two big changes in the cyber security landscape.
One of those, from a technology perspective, is going to be around security by design.”Fundamentally, many of the challenges that we face from a cyber security perspective are because the protocols and the technologies that we use and rely on are typically not designed with security as a core requirement,” he explains. “Whether we look at the web the way it was ten years ago, or email the way it is today, we can see that those technologies were not built with security as a primary requirement.”
This is changing. And there are now lots of new standards emerging to effectively try and patch security into these protocols. Moving forward, these will have a much more resilient infrastructure by design.
“One can’t imagine using the web today if they hadn’t put SSL in,” continues Powar. “You need those basic pieces of infrastructure built into the standards that allow people to rely on the technology irrespective of which vendor they’re using for any specific solution. So we’re seeing a lot more activity around the standards and regulatory bodies, basically trying to go in and make sure that they are good, robust standards that make the internet as a whole a safer place for people to do business on.”
The second change Powar predicts is the democratisation of AI technologies, “which means you’re not looking at very large security operations centres at the biggest companies as the only way for organisations to actually run cyber security as part of their day-to-day business,” he says.
The industry is expecting the rise of automation in cyber security, whether that’s through AI or through other complementary technologies where the security operations centre is more of an automated factory of activity.
Red Sift is part of Tech Nation Cyber — the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.