AI Is Critical for Automation of Cybersecurity Threat Detection and Prevention

IT web | May 26, 2020

AI Is Critical for Automation of Cybersecurity Threat Detection and Prevention
  • In one form or another, artificial intelligence (AI) plays a role in the majority of technology today, and cyber security is no different.

  • This capability has become critical in the ongoing war on cyber crime. As the potential for AI and machine learning is further explored.

  • The threats are more sophisticated than ever before, and the use of deep learning and AI to breach security systems is becoming an increasing reality.


In one form or another, artificial intelligence (AI) plays a role in the majority of technology today, and cyber security is no different. Anything that makes use of any form of behavioural analytics will inevitably require the use of algorithms for calculating probabilities, central to the ability to make predictive insight. This capability has become critical in the ongoing war on cyber crime. As the potential for AI and machine learning is further explored, we will see it taking a central role in automating threat detection and prevention, among other areas. One of the main reasons why AI has become critical in fighting cyber crime is that cyber criminals themselves are making use of it.


The threats are more sophisticated than ever before, and the use of deep learning and AI to breach security systems is becoming an increasing reality. One example of this is called a deepfake, which uses AI to replace a person’s face or voice in a video – the implications of this are significant. In fact, there was an example of a successful deepfake attack in the UK in 2019, where criminals employed AI-based software to replicate a CEO's voice to execute a cash transfer of €220 000. Using AI, cyber criminals can also gather incredibly detailed personal information from the Internet and social media, allowing them to conduct ever more in-depth social engineering. AI could also be used to improve the success rate of phishing scams. These are currently fairly easy to spot because they typically display poor spelling and grammar, but using AI can dramatically improve this, and learning algorithms mean they will only get better.



Learn more: HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19 .
 

“AI is being used by cyber criminals, which means it is essential to counter any attacks. In addition, the ability to better predict threats before they happen and shut down attacks faster is central to enhanced cyber security, AI is beginning to play a major role in cyber security and this role will continue to grow and evolve through 2020 and in the future.”


Added to this is the fact that AI can generate attacks far faster than any human could, so the potential of the threat cannot be ignored. Aside from countering AI-based threats with equally intelligent tools, AI has become critical in managing the sheer volume of attacks and potential attacks. With the number of attempted breaches constantly increasing, human cyber security teams have an increasingly challenging task when it comes to monitoring threats and determining which ones merit closer attention. According to the report: The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation: “Machine learning approaches are increasingly used for cyber defence” to learn from known threats and predict how new and future threats might manifest. ML is also used to detect suspicious behaviour and flag areas that may need closer attention.

“AI has applications across networking and endpoint security products, threat detection and incident response, removing much of the human element, which is where the potential for error creeps in.”


Trying to analyse and understand this vast amount of data in time to make a difference to counter the threat is impossible for humans alone. AI and machine learning can be effectively harnessed to automate these activities, sort through the millions of malware files, learn the characteristics of attacks and help to prevent new ones. AI can also be used to analyse voices and writing styles to ensure that people are who they say they are, for improved authentication. Focusing your attention in the right place .AI has applications across networking and endpoint security products, threat detection and incident response, removing much of the human element, which is where the potential for error creeps in. Automation is also essential in ensuring that software is patched and kept up to date with the latest malware signatures to shore up potential vulnerabilities.


With the number of attempted breaches, it is all but impossible to protect against each and every one. It is vital to ensure that your most critical resources are adequately protected, but it is just as important to be able to respond to a successful breach effectively. Basic controls need to be in place and detection and response need to be improved to control the threat, shut it down and minimise the damage. AI is being used by cyber criminals, which means it is essential to counter any attacks. In addition, the ability to better predict threats before they happen and shut down attacks faster is central to enhanced cyber security. AI is beginning to play a major role in cyber security and this role will continue to grow and evolve through 2020 and in the future.


Learn more: NEW CYBER THREAT INDEX SHOWS INDUSTRIES ARE UNDER ATTACK IN UNCERTAIN TIMES .
 

Spotlight

The cloud computing landscape continues to realize explosive growth. This white paper outlines what IT and security professionals need to know about the significant security risks of big data, including critical security vulnerabilities, risks, and challenges, key business and technical issues such as controls, privacy, and compliance and effective and reliable protection strategies.

Spotlight

The cloud computing landscape continues to realize explosive growth. This white paper outlines what IT and security professionals need to know about the significant security risks of big data, including critical security vulnerabilities, risks, and challenges, key business and technical issues such as controls, privacy, and compliance and effective and reliable protection strategies.

Related News
ENTERPRISE SECURITY

Coalfire announces HITRUST Accelerator with AWS Security Assurances Services (AWS SAS)

Coalfire, a leading cybersecurity firm, announced HITRUST Accelerator, a new program that allows customers to achieve HITRUST CSF Validation up to 50% faster when compared with conventional methods. This program combines deep technical knowledge of AWS Security Assurance Services, LLC (AWS SAS) with Coalfire, a HITRUST External Assessor Organization, to streamline the entirety of the HITRUST Validation lifecycle. Organizations who attempt to prepare for HITRUST certification internally without the help of an experienced external assessor may have timelines in excess of 2 years to achieve HITRUST Certification. The HITRUST Accelerator program uses a three-step process that provides end-to-end support of an organization's preparation, remediation, and HITRUST Validation. This integrated approach enables Coalfire and AWS SAS to quickly identify compliance gaps, assist with technical remediation, simplify document creation, and expedite the Validated Assessment. By accelerating HITRUST Validation, customers will be able to offer significant assurances over their security and privacy controls, which enables them to focus on innovation and driving adoption. Coalfire and AWS SAS share an obsession in creating innovative solutions that maximize customer success," "This passion and collaboration resulted in a program that helps our mutual customers prepare, remediate, and validate against the HITRUST CSF. By taking industry leaders in cloud security and HITRUST, we aim to revolutionize the way that organizations approach and maintain compliance. This has been a long time coming and we are absolutely thrilled to be launching this program with the AWS SAS team. Jeff Rector, Global Engagement at Coalfire The customer journey is accelerated via three tailored workstreams that are designed to: Prepare the customer for HITRUST Validation by thoroughly defining the technical systems and boundary, conducting a thorough gap assessment, and developing fully customized policies and procedures designed to be HITRUST compliant. Reduce remediation efforts and time to 12 WEEKS in most instances, using automated compliance-as-code packages, 30 days of expert AWS technical guidance and security engineering services, and hands-on AWS support configuring AWS services., and to fast-track the collection of evidence ahead of the Validated Assessment to minimize burden and audit fatigue on compliance teams. Validate the environment with confidence, including end-to-end support during HITRUST QA, Corrective Action Plan creation, and report finalization. About Coalfire Leading technology infrastructure providers, SaaS companies, and enterprises – including the top-five cloud service providers and eight of the top-10 SaaS organizations – rely on Coalfire to strengthen their security posture and secure their digital transformations. As one of the largest firms dedicated to cybersecurity, Coalfire delivers a comprehensive suite of advisory and managed services, spanning cyber strategy and risk, cloud security, threat and vulnerability management, application security, privacy, and compliance management. A proven leader in cybersecurity for the past 20 years, Coalfire combines extensive cloud expertise, advanced technology, and innovative approaches that fuel success.

Read More

PLATFORM SECURITY

BT launches transformational new security platform, Eagle-i, to predict and prevent cyber attacks

Relentless growth and ever-changing nature of the threat landscape dictates a new, proactive approach to cyber security Customers to benefit from advances in AI and automation, combined with BT's networking expertise, in transformational cyber defence platform Eagle-i builds on BT's recent security investment and partner ecosystem to address issues such as a more than 50 per cent increase in malware traffic over the last 6 months Business and public sector bodies continue to face an exponential growth in the volume and complexity of cyber attacks, with new research from BT identifying a more than 50 per cent increase in malware traffic over the last six months. Alongside a global shortage of skilled security professionals, organisations around the world are struggling to keep a lid on evolving cyber threats and maintain their defences. In response, BT is launching its most sophisticated cyber defence platform yet — Eagle-i. It combines BT's industry-leading network insight with advances in AI and automation to predict, detect and neutralise security threats before they get a chance to inflict damage. The platform has been designed to self-learn from the intelligence provided by each intervention, so that it constantly improves its threat knowledge and dynamically refines how it protects customers across a multi-cloud environment. Eagle-i will utilise an AI layer to provide real-time detection of issues and intelligent automated responses, enabling users to significantly speed up their reaction to security issues and outpace their cyber threats. It is also uniquely able to integrate with technologies from across the security ecosystem so that organisations can both optimise their capabilities and spot any holes in their defences without having to replace existing investments. The platform will underpin how BT protects its global operations and provide phased enhancements and increased functionalities for all BT's managed security services. Security is now at the top of the boardroom and government agenda yet many organisations are seeing their cyber risks increase to unmanageable levels. This situation demands a new, proactive approach. Eagle-i leverages the latest advances in AI and automation to continually monitor, learn and evolve so customers can stay a step ahead of cyber criminals. Kevin Brown, managing director, BT Security About BT BT Group is the UK's leading telecommunications and network provider and a leading provider of global communications services and solutions, serving customers in 180 countries. Its principal activities in the UK include the provision of fixed voice, mobile, broadband and TV (including Sport) and a range of products and services over converged fixed and mobile networks to consumer, business and public sector customers. For its global customers, BT provides managed services, security and network and IT infrastructure services to support their operations all over the world. BT consists of four customer-facing units: Consumer, Enterprise, Global and its wholly-owned subsidiary, Openreach, which provides access network services to over 650 communications provider customers who sell phone, broadband and Ethernet services to homes and businesses across the UK.

Read More

DATA SECURITY

Herjavec Group, a Global Cybersecurity Leader, Accelerates Growth with Acquisition of SEGMENTECH

Robert Herjavec, Founder & CEO of global cybersecurity firm Herjavec Group and a leading investor on the Emmy Award-winning show Shark Tank, proudly announces the strategic acquisition of SEGMENTECH, a North American cybersecurity services firm specializing in Identity and Access Management (IAM) & Privileged Access Management (PAM) solutions for enterprise customers. This acquisition further expands and accelerates Herjavec Group's leading IAM practice by adding world-class Privileged Access Management talent, specializing in implementations of CyberArk, a global leader in Identity Security. "As we have transitioned to a flexible workforce environment, businesses have been forced to accelerate and pivot their digital transformation," said, Robert Herjavec. "As a result, CIOS and CISOs are navigating a paradigm shift in cybersecurity, and the way their security environment needs to be set up. IAM and PAM have become foundational to all security programs, to ensure that the right people access the right data, at the right time, for the right reasons. As a result, we are experiencing a tremendous uptick in demand for services to implement comprehensive IAM and PAM programs." Founded in 2015 by Roy Levy and Boris Zaidfeld, SEGMENTECH is a leading provider of IAM & PAM services and is an expert advisor in DevSecOps and how to secure CI/CD processes. SEGMENTECH supports global enterprise customers through the implementation and expansion of IAM and PAM programs. Both Herjavec and SEGMENTECH are established partners of CyberArk. With this acquisition, Herjavec will further advance its privileged access management practice by putting CyberArk at the core, which enables a security-first approach to decreasing identity-led risk. This acquisition strengthens Herjavec Group's position as an Identity and Access Management leader and will benefit organizations seeking to fortify their cybersecurity defenses,CyberArk has strong relationships with both Herjavec and SEGMENTECH. Their commitment to investing in highly trained cybersecurity professionals, especially in the area of privileged access management, combined with expanded access to CyberArk-based Identity Security solutions, will dramatically improve security for our joint customers. Chris Moore, VP of Global Channel at CyberArk. Herjavec Group and SEGMENTECH customers will benefit from working with highly qualified professionals, including those who have achieved their Guardian certification, the highest level of CyberArk training and a proven track record of capabilities, ensuring enterprises can accelerate, improve, and manage their cybersecurity lifecycle. About Herjavec Group: Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world's most innovative cybersecurity operations leaders, and excel in complex, multi-vendor environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity and Access Management Services, Managed Security Services, Threat Management, and Incident Response. Herjavec Group operates across the United States, United Kingdom, India and Canada.

Read More