AI Is Critical for Automation of Cybersecurity Threat Detection and Prevention

IT web | May 26, 2020

  • In one form or another, artificial intelligence (AI) plays a role in the majority of technology today, and cyber security is no different.

  • This capability has become critical in the ongoing war on cyber crime. As the potential for AI and machine learning is further explored.

  • The threats are more sophisticated than ever before, and the use of deep learning and AI to breach security systems is becoming an increasing reality.


In one form or another, artificial intelligence (AI) plays a role in the majority of technology today, and cyber security is no different. Anything that makes use of any form of behavioural analytics will inevitably require the use of algorithms for calculating probabilities, central to the ability to make predictive insight. This capability has become critical in the ongoing war on cyber crime. As the potential for AI and machine learning is further explored, we will see it taking a central role in automating threat detection and prevention, among other areas. One of the main reasons why AI has become critical in fighting cyber crime is that cyber criminals themselves are making use of it.


The threats are more sophisticated than ever before, and the use of deep learning and AI to breach security systems is becoming an increasing reality. One example of this is called a deepfake, which uses AI to replace a person’s face or voice in a video – the implications of this are significant. In fact, there was an example of a successful deepfake attack in the UK in 2019, where criminals employed AI-based software to replicate a CEO's voice to execute a cash transfer of €220 000. Using AI, cyber criminals can also gather incredibly detailed personal information from the Internet and social media, allowing them to conduct ever more in-depth social engineering. AI could also be used to improve the success rate of phishing scams. These are currently fairly easy to spot because they typically display poor spelling and grammar, but using AI can dramatically improve this, and learning algorithms mean they will only get better.



Learn more: HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19 .
 

“AI is being used by cyber criminals, which means it is essential to counter any attacks. In addition, the ability to better predict threats before they happen and shut down attacks faster is central to enhanced cyber security, AI is beginning to play a major role in cyber security and this role will continue to grow and evolve through 2020 and in the future.”


Added to this is the fact that AI can generate attacks far faster than any human could, so the potential of the threat cannot be ignored. Aside from countering AI-based threats with equally intelligent tools, AI has become critical in managing the sheer volume of attacks and potential attacks. With the number of attempted breaches constantly increasing, human cyber security teams have an increasingly challenging task when it comes to monitoring threats and determining which ones merit closer attention. According to the report: The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation: “Machine learning approaches are increasingly used for cyber defence” to learn from known threats and predict how new and future threats might manifest. ML is also used to detect suspicious behaviour and flag areas that may need closer attention.

“AI has applications across networking and endpoint security products, threat detection and incident response, removing much of the human element, which is where the potential for error creeps in.”


Trying to analyse and understand this vast amount of data in time to make a difference to counter the threat is impossible for humans alone. AI and machine learning can be effectively harnessed to automate these activities, sort through the millions of malware files, learn the characteristics of attacks and help to prevent new ones. AI can also be used to analyse voices and writing styles to ensure that people are who they say they are, for improved authentication. Focusing your attention in the right place .AI has applications across networking and endpoint security products, threat detection and incident response, removing much of the human element, which is where the potential for error creeps in. Automation is also essential in ensuring that software is patched and kept up to date with the latest malware signatures to shore up potential vulnerabilities.


With the number of attempted breaches, it is all but impossible to protect against each and every one. It is vital to ensure that your most critical resources are adequately protected, but it is just as important to be able to respond to a successful breach effectively. Basic controls need to be in place and detection and response need to be improved to control the threat, shut it down and minimise the damage. AI is being used by cyber criminals, which means it is essential to counter any attacks. In addition, the ability to better predict threats before they happen and shut down attacks faster is central to enhanced cyber security. AI is beginning to play a major role in cyber security and this role will continue to grow and evolve through 2020 and in the future.


Learn more: NEW CYBER THREAT INDEX SHOWS INDUSTRIES ARE UNDER ATTACK IN UNCERTAIN TIMES .
 

Spotlight

A few years ago most firms would manage cybersecurity and make investment decisions based mainly on industry best practices, resulting in their adopting certain technologies, policies and practices, without a detailed understanding of their specific overall cyber risk situation. As a result, very few successfully developed and deployed a strategic, comprehensive and effective cyber risk management framework. Lacking a clear articulation of how cyber risks integrate into organizational risk, many firms experienced a persistent under-funding of information security budgets.


Other News
DATA SECURITY,ENTERPRISE IDENTITY,NETWORK THREAT DETECTION

Radiant Logic Named Winner of 1st Annual Cybersecurity Impact Award

Radiant Logic | August 18, 2022

Radiant Logic, the Identity Data Fabric company, announced today that it has been named the winner of the 2022 Cybersecurity Impact Award for “Best Enterprise Security Solution for Employee and Nth Party Access” from Aite-Novarica Group, a global advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to the Financial Services industry. In its first year, the Cybersecurity Impact Awards program identifies the organizations and vendors pioneering new and disruptive cybersecurity tools and services. Award recipients and their innovations are bringing the financial services industry one step closer to stopping illicit cyber activity. “Our Cybersecurity Impact Awards help CISOs looking for highly innovative solutions that deliver transformative value to the institution,” said John Horn, Cybersecurity Practice Director at Aite-Novarica Group. “Seven judges worked through a rigorous scoring process to select Radiant Logic for this award. Radiant’s unique approach allows CISOs to leverage identity silos across the business, and recreate Identity as a powerful enabler for the workforce, third parties, and customers.” The award winners were selected based on various factors, including innovation, market need, and impact on customer experience and operational efficiency. All entries were considered by a panel of industry expert judges. “We’re thrilled to receive this award in such a competitive category. “RadiantOne has been known over the last twenty years as the technical enabler for solving enterprise-grade security and business challenges; with this award, we’re pleased to be recognized as a strategic investment in the security infrastructure.” Joe Sander, CEO of Radiant Logic After years of inorganic growth, piecemeal identity solutions, and a loss of control due to unplanned remote work, identity sprawl is a reality for most modern enterprises. This sprawl leads to tremendous technical debt, increased risk posture, reduced productivity, and poor decision-making capabilities. RadiantOne’s ability to unify identity data across disparate sources creates an authoritative identity data pipeline, improving security, efficiency, and ease-of-use across the organization. About Radiant Logic Radiant Logic, the enterprise Identity Data Fabric company, helps organizations combat complexity and improve security by making identity data easy to use, manage, and protect. The RadiantOne Platform turns identity data into a strategic asset, enabling organizations to improve decision making, accelerate innovation, and minimize risk. About Aite-Novarica Group Aite-Novarica Group is an advisory firm providing mission-critical insights on technology, regulations, strategy, and operations to hundreds of banks, insurers, payments providers, and investment firms—as well as the technology and service providers that support them. Comprising former senior technology, strategy, and operations executives as well as experienced researchers and consultants, our experts provide actionable advice to our client base, leveraging deep insights developed via our extensive network of clients and other industry contacts.

Read More

SOFTWARE SECURITY

GrammaTech and T.E.N. Announce Call for Nominations for Product Security Executive of the Year Awards

GrammaTech | August 16, 2022

GrammaTech, a leading provider of application security testing products and software research services, and T.E.N., founder of the Information Security Executive® (ISE®) of the Year Awards, today announced the Product Security Executive (PSE) of the Year Awards. This annual competition will recognize individuals whose contributions have delivered advancements in security for embedded or commercial software products. Nominations are now being accepted through October 10, 2022 at The judging panel includes: Edna Conway, Vice President, Security & Risk Officer, Cloud Infrastructure at Microsoft, former CSO, Cisco Global Value Chain and a member of the Executive Committee of the U.S. Department of Homeland Security Task Force on ICT Supply Chain Risk Management. Malcolm Harkins, Chief Security & Trust Officer with Epiphany Systems, former Chief Security and Privacy Officer (CSPO) and the first CISO at Intel Corporation. Troy Rydman, Senior Practice Leader - Global Strategic Accounts, Security, Risk, & Compliance for Amazon Web Services (AWS) and former cybersecurity executive with Silicon Valley Bank, with fourteen years of increasing cybersecurity leadership. “In a world of increasingly autonomous products, from cars to appliances to robots, managing the integrity of the software that enables our connected world is critical. The Product Security Executives who drive quality, security and safety of our many devices are pivotal to the digital economy. “It is time to recognize these individuals and the significant contributions they make in securing the software at the heart of our hyper-connected world.” Edna Conway, VP, Security & Risk Officer, Microsoft Cloud Infrastructure Eligibility U.S.-based executives, including those with director, vice president, chief product security officer or similar titles, who are responsible for product security management are eligible for consideration. This includes individuals overseeing security at all stages of the product development lifecycle for software, firmware and/or embedded code; as well as secure product design, risk and vulnerability management and standards/regulatory compliance. There is no cost to enter. “There’s an increased emphasis on maintaining the safety and security of embedded software across virtually all industries, which is becoming the responsibility of a Product Security Executive whether or not the title exists,” said Andrew Meyer, Chief Marketing Officer for GrammaTech. “We collaborated with T.E.N. to create this award competition and recognize the men and women on the front lines of this new discipline, honor their accomplishments and share their best practices with the industry.” “The number of IoT devices is in the billions and we will continue to see an ever-growing number of devices become smart and connected,” explains Marci McCarthy, CEO and President of T.E.N. “Every device is at risk for cyberattacks, and threat actors are taking advantage of every opportunity to exploit product security vulnerabilities. Demand for product security has thus grown across multiple industries, especially consumer electronics, automotive and healthcare. Because product security is a relatively new concept whose time has come, we are thrilled to partner with GrammaTech to recognize individuals for advancements and innovations leading to more secure products going to market.” About T.E.N. T.E.N. is an award-winning technology and security networking and marketing firm that hosts relationship-building events between top Information Security executives, industry pioneers and innovative solution providers within the cybersecurity industry. Its flagship program, the nationally acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals, honoring both leading executives and deserving project teams. About GrammaTech GrammaTech is a leading global provider of application security testing (AST) solutions used by the world’s most security conscious organizations to detect, measure, analyze and resolve vulnerabilities for software they develop or use. The company is also a trusted cybersecurity and artificial intelligence research partner for the nation’s civil, defense, and intelligence agencies. GrammaTech has corporate headquarters in Bethesda MD, a Research and Development Center in Ithaca NY, and publishes Shift Left Academy, an educational resource for software developers.

Read More

PLATFORM SECURITY

Searchlight Security Elevates Dark Web Intelligence to Board Level with New Automated Reporting

Searchlight Security | August 02, 2022

Searchlight Security, the dark web intelligence company, has introduced new automated reporting functionality into its DarkIQ dark web monitoring solution to help security analysts and MSSPs to quickly and easily communicate external threats to executives. DarkIQ is a powerful dark web monitoring solution that utilizes the most comprehensive dark web dataset on the market, and the only one that includes dark web traffic to and from the organization’s network. It takes the attributes that are most important to a business - including employee credentials, software, devices, IP addresses, network components, and company datasets - and alerts organizations to their presence in deep and dark web marketplaces, forums, and conversations, which could indicate an imminent attack. This threat intelligence is specific to the organization, removing “alert fatigue” and allowing security teams to prioritize the most urgent threats to the business. DarkIQ’s new automated reporting function builds on its existing capabilities by helping analysts to more easily communicate the dark web intelligence they discover - improving response times to possible attacks and educating the wider business on dark web threats. “Our mission is to make dark web intelligence as relevant and actionable for businesses as possible and our new reporting function is a huge part of that. Threat intelligence is only powerful if it can be understood and acted on - otherwise it is just noise. Communication is everything.” Eric Milam, EVP product at Searchlight Security DarkIQ Reporting gives enterprise security teams and MSSPs the ability to: Generate slick reports with one click - with threat intelligence data automatically pulled, inputted, and presented from the DarkIQ platform. Select the right level of detail for the audience - with an “Executive” report option for a high level summary or “Detailed” report for security personnel, which includes recommended remediative actions that should be taken based on the threat data. Add and remove reporting fields - to further customize the report to suit the audience by adding, moving, or removing components, as well as the ability for security teams to add their own analysis, context and observations. Customize design - with the ability to brand reports and change the font and color scheme, a particularly important feature for MSSPs reselling DarkIQ to their customers. Resource more effectively - with less time spent on reporting so they can spend more time protecting the business. Demonstrate Return on Investment - with the ability to show imminent threats that have been identified and prevented through dark web intelligence. Milam concluded: “In threat intelligence, the job isn’t done until the report is filed. This is a burden on security teams that we wanted to - and have been able to - alleviate, because every minute less they spend reporting is a minute more they can spend stopping the bad guys. At the same time, they have a better solution to deliver pre-attack intelligence with more clarity so the business can be more proactive in stopping imminent threats.” About Searchlight Security Searchlight Security provides organizations with relevant and actionable dark web threat intelligence, to help them identify and prevent criminal activity. Founded in 2017 with a mission to stop criminals acting with impunity on the dark web, we have been involved in some of the world’s largest dark web investigations and have the most comprehensive dataset based on proprietary techniques and ground-breaking academic research. Today we help government and law enforcement, enterprises, and managed security services providers around the world to illuminate deep and dark web threats and prevent attacks.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Cerberus Sentinel announces acquisition of NLT Secure

Cerberus Sentinel | September 07, 2022

Cerberus Cyber Sentinel Corporation , an industry leader as a managed cybersecurity and compliance provider, based in Scottsdale, Ariz., announced that it has completed the acquisition of NLT Secure, a cybersecurity company with headquarters in Providencia, Chile, and U.S. offices in Tampa, Florida. Under the terms of the agreement, NLT Secure became a wholly owned subsidiary of Cerberus Sentinel. NLT Secure provides a broad range of security solutions and managed services to organizations throughout South America. Lorenzo Espinoza, founder and chairman, NLT Secure, will continue to manage the company's team of professionals and will work closely with the leadership team in Latin America. “NLT Secure accelerates our growth strategy into Latin America and is an excellent cultural fit. “As cybersecurity continues to be a global challenge requiring a breadth of capabilities, NLT has made this its mission to help secure businesses and organizations. NLT Secure has partnered with our Arkavia Networks and CUATROi teams, also based in Chile, for several years and compliments our combined service offerings.” David Jemmett, CEO and founder of Cerberus Sentinel "Our vision has always been to protect and guarantee the continuity of operations for our clients considering the challenging scenario of cyber threats they face every day. I want to deeply thank the incredible team of professionals that make up NLT, because it is thanks to their passion and commitment that we have managed to make this dream come true. I´m so excited to take this step together with the incredible team of Cerberus Sentinel, with whom we share a culture and a vision,” said Espinoza. About Cerberus Sentinel Cerberus Sentinel is an industry leader as a managed cybersecurity and compliance provider. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

Read More

Spotlight

A few years ago most firms would manage cybersecurity and make investment decisions based mainly on industry best practices, resulting in their adopting certain technologies, policies and practices, without a detailed understanding of their specific overall cyber risk situation. As a result, very few successfully developed and deployed a strategic, comprehensive and effective cyber risk management framework. Lacking a clear articulation of how cyber risks integrate into organizational risk, many firms experienced a persistent under-funding of information security budgets.

Resources