Hundreds of companies are incorporating artificial intelligence (AI) into their technologies to predict, prevent and defeat the next major cyber attack. At RSA last month IBM joined the pack, announcing Watson for Cyber Security and demonstrating the huge potential for artificial intelligence to support the infosec community.
With internet crime growing at the rate it is, businesses need all the help they can get. According to PwC, the number of security incidents across all industries rose by 38% in 2015.
That’s the biggest increase in the 12 years since the global study was first published, reinforcing that we need to use all the tools in our armoury to stand any chance of keeping pace with the volume of attacks.
Automation and machine learning is helping us to remove some of the heavy lifting from time-consuming tasks. For example, we can analyse the normal behaviour for privileged users, privileged accounts, privileged access to machines and authentication attempts, and then identify deviations from the normal profile. Machine learning algorithms that continually adjust the baseline means we can continually adapt to a changing risk environment.
Adopting more of this technology will stop us from becoming too overwhelmed by the rise in the number of attacks. But this isn’t just about solving a volume issue; machine learning also helps us to combine insights gathered from customer data and produce a more complete and immediate understanding of evolving threats.
Surely, then, it is the answer we have been looking for to beat cyber attackers? Unfortunately, it’s not that straightforward. Two can play at this game, and cyber criminals are also findings intelligent new ways to use machine learning to their advantage.
AI-driven cyberattacks are able to learn and get better as they evolve. For example, ransomware attacks – already a huge concern for consumers and businesses – are using machine learning to get smarter and more targeted about what information is held hostage and how much to charge for it.
Phishing scams are also becoming far more convincing, using AI to mimic the writing style of friends and colleagues.
Cybercrime is a lucrative business, and attackers are prepared to invest in tools and technologies which will result in a higher number of successful attacks. The more advanced and more targeted attacks which were typically reserved for nation-states and criminal syndicates are becoming available on a greater scale.
The infosec community is moving towards a game of machine versus machine, and for this technology to stand any chance of becoming the saviour of cyber security, businesses need to make sure AI applications learn to defend must faster than they learn to attack.
Continual innovation and industry collaboration will be critical for this technology to identify anomalous behaviour, adapt to a changing risk environment, and get ahead of the cyber criminals.
Sourced by Matt Middleton-Leal, VP, UKI and Northern Europe at CyberArk