AI and ML to Reinvent Cyber Security in 2018
We are living in a new digital world, where the technologies including Artificial Intelligence (AI), Machine Learning (ML), Internet of Things (IoT), Block Chain, Big Data, and Cloud Computing are advancing at a blinding pace. Out of these, Artificial Intelligence and Machine Learning are set to be the most prominent technologies that can create a dramatic impact in the way we live, think and operate the business. Developments in AI and ML have the potential to significantly transform various fields of science, mathematics, healthcare, transportation, energy, manufacturing, eCommerce and information technology. Information Security is one another important arena in which AI is in dire need to address some of the complex challenges that humans alone can’t handle. Cyber Security experts view AI and ML as major game changer technologies in the Cyber security space for 2018.
In 2017, the cyber security risks continued to escalate, concerning the frequency, severity and impact and even the Government or Private institutions were not able to get a complete control over it. We witnessed major setbacks in the Cyber security arena with ransomware attacks including WannaCry, Petya and Bad Rabbit spreading around the world, impacting hundreds of thousands of targets, including public utilities and large corporations.
From Advanced Persistent Threats (APT), spear phishing, multi-vector DDoS, ransomware attacks, malware campaigns and botnets, the dangers that are lurking around the Cyber world are getting complex day by day. The challenges with new age cyber-attacks are that the attack vectors and models change every time, making it impossible to detect and classify them with confidence. The introduction of bitcoin currencies and the associated ‘Cryptojacking’ attacks are arising as major threats in the Cyber Security space. In such sensitive times, dealing with advanced multi vector attacks from well-funded criminals or nation-state actors, the traditional security tools and processes are becoming insufficient and incompetent. To deal with the new age sophisticated cyber attacks, organizations need to adapt or augment their technology to parse through large chunks of data and identify the anomalies, which human intelligence alone cannot achieve. Here comes the relevance of artificial/ machine intelligence to augment the human intelligence in all the crucial steps relating to Cyber security and threat intelligence in global organizations. AI can play a significant role in Information security in terms of bringing in automated and assisted reasoning, modeling and simulation and finally arriving at an intelligent decision making, more efficient than human beings can do.
In the current world of data deluge, it is nearly impossible for humans alone to analyze the billions of logs generatedfrom the existing infrastructure components. Integrating AI into the existing systems including Security Monitoring Solutions, SIEM, Intrusion Detection Systems, Cryptographic technologies and Video vigilance systems can help in addressing many of these challenges to a larger extent. Application of AI based technologies into the existing systems will bring in much enhanced systems that help in better decision making. Some of the key areas where in the functionalities of AI makes a difference are:
• Data Mining
• Pattern Recognition
• Fraud Detection
• Fuzzy Logic
• Development of expert Systems
Within the Cyber security sector, these attributes of AI can bring in tremendous benefits, out of which some of them are already in place and there are huge opportunities yet to explore. Machine learning based antivirus systems and tools can help in quickly and accurately identifying malware like Polymorphic virus based on its continuous learning capabilities. Such systems can detect suspicious files based on the behavioral or structural analysis and it helps in detecting threats at an early stage. It can easily determine the likelihood of a malicious virus attack by analyzing and breaking down the DNA of each file.
Along with AI and ML, another aspect of security which CISOs are concerned about is compliance. Every organization needs to be compliant with numerous regulations and non-compliant to any of these can lead to heavy fines. For example, General Data Protection Regulation (GDPR) which will be a reality in few months can cost €20m or 4% of annual global turnover if the organization is found non-compliant. AI and ML with support of cognitive computing is enabling the enterprises to keep a track of their compliance status to avoid any legal issues.
As the digital world is moving fast, we can expect completely automated Cyber-attacks orchestrated by intelligent machines. These expert systems will have the potential to analyze the DNA of past attack models, strategies and utilize its acquired knowledge for organizing new attack models attacks that have higher success rates and larger impact. As human resources alone won’t be enough to combat this, the need of the hour for global organizations, Government and defense agencies is to suit up their existing Cyber security and defense environment with AI and its underlying technologies.
AI and ML are at the evolving stage and still there is a long way to go for organizations of all sizes to enjoy the larger benefits that it brings. To get prepared for an AI led world, the global leaders in the field of Cyber Security need to familiarize themselves with AI, ML and also other latest integrated technologies in security.