AI Is Critical for Automation of Cybersecurity Threat Detection and Prevention

IT web | May 26, 2020

  • In one form or another, artificial intelligence (AI) plays a role in the majority of technology today, and cyber security is no different.

  • This capability has become critical in the ongoing war on cyber crime. As the potential for AI and machine learning is further explored.

  • The threats are more sophisticated than ever before, and the use of deep learning and AI to breach security systems is becoming an increasing reality.


In one form or another, artificial intelligence (AI) plays a role in the majority of technology today, and cyber security is no different. Anything that makes use of any form of behavioural analytics will inevitably require the use of algorithms for calculating probabilities, central to the ability to make predictive insight. This capability has become critical in the ongoing war on cyber crime. As the potential for AI and machine learning is further explored, we will see it taking a central role in automating threat detection and prevention, among other areas. One of the main reasons why AI has become critical in fighting cyber crime is that cyber criminals themselves are making use of it.


The threats are more sophisticated than ever before, and the use of deep learning and AI to breach security systems is becoming an increasing reality. One example of this is called a deepfake, which uses AI to replace a person’s face or voice in a video – the implications of this are significant. In fact, there was an example of a successful deepfake attack in the UK in 2019, where criminals employed AI-based software to replicate a CEO's voice to execute a cash transfer of €220 000. Using AI, cyber criminals can also gather incredibly detailed personal information from the Internet and social media, allowing them to conduct ever more in-depth social engineering. AI could also be used to improve the success rate of phishing scams. These are currently fairly easy to spot because they typically display poor spelling and grammar, but using AI can dramatically improve this, and learning algorithms mean they will only get better.



Learn more: HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19 .
 

“AI is being used by cyber criminals, which means it is essential to counter any attacks. In addition, the ability to better predict threats before they happen and shut down attacks faster is central to enhanced cyber security, AI is beginning to play a major role in cyber security and this role will continue to grow and evolve through 2020 and in the future.”


Added to this is the fact that AI can generate attacks far faster than any human could, so the potential of the threat cannot be ignored. Aside from countering AI-based threats with equally intelligent tools, AI has become critical in managing the sheer volume of attacks and potential attacks. With the number of attempted breaches constantly increasing, human cyber security teams have an increasingly challenging task when it comes to monitoring threats and determining which ones merit closer attention. According to the report: The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation: “Machine learning approaches are increasingly used for cyber defence” to learn from known threats and predict how new and future threats might manifest. ML is also used to detect suspicious behaviour and flag areas that may need closer attention.

“AI has applications across networking and endpoint security products, threat detection and incident response, removing much of the human element, which is where the potential for error creeps in.”


Trying to analyse and understand this vast amount of data in time to make a difference to counter the threat is impossible for humans alone. AI and machine learning can be effectively harnessed to automate these activities, sort through the millions of malware files, learn the characteristics of attacks and help to prevent new ones. AI can also be used to analyse voices and writing styles to ensure that people are who they say they are, for improved authentication. Focusing your attention in the right place .AI has applications across networking and endpoint security products, threat detection and incident response, removing much of the human element, which is where the potential for error creeps in. Automation is also essential in ensuring that software is patched and kept up to date with the latest malware signatures to shore up potential vulnerabilities.


With the number of attempted breaches, it is all but impossible to protect against each and every one. It is vital to ensure that your most critical resources are adequately protected, but it is just as important to be able to respond to a successful breach effectively. Basic controls need to be in place and detection and response need to be improved to control the threat, shut it down and minimise the damage. AI is being used by cyber criminals, which means it is essential to counter any attacks. In addition, the ability to better predict threats before they happen and shut down attacks faster is central to enhanced cyber security. AI is beginning to play a major role in cyber security and this role will continue to grow and evolve through 2020 and in the future.


Learn more: NEW CYBER THREAT INDEX SHOWS INDUSTRIES ARE UNDER ATTACK IN UNCERTAIN TIMES .
 

Spotlight

Cloud computing continues to permeate across all aspects of information technology, and archiving is no exception. Once considered fraught with risk, high costs, and loss of data control, some may have thought the cloud was a temporary trend, especially as an option to hold and protect sensitive corporate and customer data. Today, cloud solutions for email, security, CRM, and storage have proven the contrary, and are mainstays in businesses of every kind, with momentum to challenge on-premises solutions as the deployment option of choice.

Spotlight

Cloud computing continues to permeate across all aspects of information technology, and archiving is no exception. Once considered fraught with risk, high costs, and loss of data control, some may have thought the cloud was a temporary trend, especially as an option to hold and protect sensitive corporate and customer data. Today, cloud solutions for email, security, CRM, and storage have proven the contrary, and are mainstays in businesses of every kind, with momentum to challenge on-premises solutions as the deployment option of choice.

Related News

DATA SECURITY

Combating industrial cyber threats with new security certifications and products, Rockwell Automation

businesswire | November 19, 2020

Organizations keep on requiring help making sure about their modern activities as they associate creation and IT frameworks and battle with cyberthreats focusing on mechanical control frameworks. To address this issue, Rockwell Automation keeps extending its cybersecurity accreditations and joining progressed security capacities into a greater amount of its items. Rockwell Automation as of late got confirmation to the IEC (International Electrotechnical Commission) 62443-3-3 cybersecurity standard. The accreditation, performed by outsider TÜV Rheinland, implies Rockwell Automation has exhibited the capacity to introduce and arrange creation frameworks to meet security prerequisites to level 1 as characterized on the planet's driving worldwide norm. Rockwell Automation offers reference designs for executing an ensured creation framework, for example, PlantPAx 5.0, the cutting edge disseminated control framework (DCS) for plantwide measure control. The structures were created to assist clients with guaranteeing creation frameworks while limiting the need to purchase new advancements as a component of the cycle. Until now, Rockwell Automation has gotten a few confirmations for the IEC 62443 arrangement of norms. Rockwell Automation likewise as of late got confirmation for the ISO (International Organization for Standardization) 27001 norm, affirming that the organization's data security the board framework used to ensure information fulfills the guideline's prerequisites. This can give significant serenity to clients that Rockwell Automation is utilizing best practices to secure their licensed innovation, for example, when clients use administrations like distant help and observing. “Companies are facing the dual challenge of digital transformation to stay competitive, while also keeping their people, operations and intellectual property secure,” said Sujeet Chand, senior vice president and chief technology officer, Rockwell Automation. “We continue to aggressively expand our cybersecurity skills, certifications, product capabilities and services in ways that help our customers stay ahead of new threats and focus on realizing new possibilities with digital transformation.” Notwithstanding procuring the new confirmations, Rockwell Automation is additionally delivering new items with CIP Security to assist organizations with making sure about their correspondences. Created by the worldwide exchange and standard improvement association ODVA, CIP Security is the simply standard intended to make sure about correspondences between modern control frameworks and different gadgets on an EtherNet/IP organization. New modern control items offering CIP Security include: Allen-Bradley PowerFlex 755T AC drives Kinetix 5300 servo drives Other Rockwell Automation items that as of now uphold CIP Security include: ControlLogix 5580 regulators Kinetix 5700 servo drives 1756-EN4TR correspondence module To help ensure the numerous gadgets being used today that don't uphold CIP Security, Rockwell Automation is additionally presenting the new CIP Security Proxy gadget. At the point when utilized in a truly made sure about area, the gadget gives CIP Security to a wide scope of modern control gadgets and make safer mechanical organizations. About Rockwell Automation Rockwell Automation, Inc. , is a global leader in industrial automation and digital transformation. We connect the imaginations of people with the potential of technology to expand what is humanly possible, making the world more productive and more sustainable. Headquartered in Milwaukee, Wisconsin, Rockwell Automation employs approximately 23,000 problem solvers dedicated to our customers in more than 100 countries. To learn more about how we are bringing The Connected Enterprise to life across industrial enterprises.

Read More

DATA SECURITY

CRITICALSTART Partners with Managed Detection and Response Provider RangeForce

businesswire | January 11, 2021

RangeForce, the organization that is changing network safety preparing, today declared an association with Texas-based CRITICALSTART, a main online protection supplier of Managed Detection and Response (MDR) administrations. Under terms of the understanding, CRITICALSTART will give the RangeForce intelligent network safety preparing stage to its clients. RangeForce's double way to deal with digital preparation joins cyberskills recreation modules with a completely incorporated digital reach in a SaaS climate. This mix permits security experts and groups to constantly prepare and shield against genuine assaults in an active and connecting with climate. “We are excited to partner with RangeForce to address the cybersecurity training needs of our customers,” said Tera Davis, Managing Director, CRITICALSTART. “Their approach to cyber simulation can fulfill the unique needs of organizations of all sizes.” RangeForce clients generally start their excursion with on-request preparing modules conveyed through job based, prescriptive learning ways. From that point, students keep on taking provokes that range from fledgling to cutting edge capacities to test their aptitudes and report progress. RangeForce's preparation is a financially savvy option in contrast to conventional preparing and on-premise digital reaches. “Skills training and readiness is crucially important to cybersecurity operations for all types of organizations,” said Jackson Thibodeau, Sr. Director of Channels at RangeForce. “At RangeForce, we have a strong commitment to the channel and CRITICALSTART has a reputation and presence that will help us deliver these solutions to customers in their region.” About RangeForce RangeForce makes creating highly skilled cybersecurity defenders simple, flexible, and fast for all enterprises. Powered by the industry’s first SaaS-based, integrated cybersecurity simulation and virtual cyber range, we help customers operationalize a security training program in hours, saving up to 65% over traditional training and up to $1M annually on hosted cyber ranges. RangeForce is revolutionizing cybersecurity training with its adaptive learning to rapidly train and cross-train DevOps, IT, and security professionals, while integrating best-of-breed solutions from a growing ecosystem of RangeForce partners.

Read More

DATA SECURITY

AdvIntel & KPMG LLP announce alliance around cyber threat detection and ransomware response

AdvIntel | October 01, 2021

AdvIntel, a leading cybersecurity threat prevention and loss avoidance company with a unique and unparalleled ability to detect and disrupt ransomware and KPMG LLP, the global audit, tax and advisory firm, today announced an alliance around AdvIntel's "Andariel" Threat Prevention & Loss Avoidance Platform. The profile of ransomware victims has moved upmarket over the past year as the adversaries have enhanced their capabilities faster than cyber defenses at an alarming trend. The state of the current cyber security market is full of uncertainties. The current breach response is traditionally reactive, leading to a breach after a breach. Now, with the unique alliance, we are effectively reversing the traditional breach paradigm with the vision to disrupt breaches before they turn into ransomware. Our goal is to bring the world closer to a ransomware-free future via the proactive and preventative breach response. According to AdvIntel CEO, Vitali Kremez Andariel' s ability to track botnet initial compromises enables AdvIntel' s customers to take action before data and personally identifiable information is leaked, which could prevent regulatory, reputational, and legal losses related to data breach legal liability. Ed Goings, KPMG National Lead for Cyber Response Services stated "Intelligence of this level is a complete game changer. Many companies state they provide threat intelligence, but this is the first time I have seen actionable intelligence that can be used to potentially identify corporate ransomware attacks before they happen." Moreover, some of the tracked botnets have a unique relationship with some of the monitored ransomware families. Therefore, by timely identifying botnet activity in their systems, AdvIntel's clients can identify and potentially avert tremendous losses from ransomware attacks. Incident response case support through Andariel enables a corporate cyber investigation team by providing immediate information on the "patient zero", the way cyber infection spreads through the system, as well as the vulnerabilities which lead to the compromise. Andariel aims to significantly decrease the time and resources spent on investigations, as well as to decrease the insurance claims and coverage of the remediation effort. AdvIntel and KPMG will jointly go to market to combat cyber incidents, by providing early-warning alerting, applied threat detection, and long-term strategic threat intelligence. AdvIntel and KPMG are already working jointly with several cyber insurance providers around the threat prevention and loss avoidance needs of their customer base. About AdvIntel AdvIntel is the world's first and only cybercrime and adversarial disruption firm which leverages Andariel, a next-generation threat prevention and loss avoidance platform which has visibility beyond a company's own internal network. Andariel sheds light on the botnet and breach ecosystem in order to spot threats and compromises preemptively and proactively. Whether prolific botnets, ransomware syndicates, cyber extortionists, carders, advanced persistent threat groups, or crimeware operators, Andariel ensures ultimate visibility into these threats before they actualize and do harm. About KPMG LLP KPMG LLP is the U.S. firm of the KPMG global organization of independent professional services firms providing audit, tax and advisory services. The KPMG global organization operates in 146 countries and territories and has close to 227,000 people working in member firms around the world. Each KPMG firm is a legally distinct and separate entity and describes itself as such. KPMG International Limited is a private English company limited by guarantee. KPMG International Limited and its related entities do not provide services to clients. Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

Read More