Why AI is Crucial to Cyber Security
When you think of AI (artificial intelligence), the first thought you may have is in regards to games, recreation, and futuristic robots. After all, AI is the next big thing in virtual video games, taking "reality" to a whole new level. However, AI is so much more than that. There has been a lot of hype about AI in the last couple of years. Again, most of it in the form of promises of faster answers, better outcomes, and improved productivity. From advanced machine learning and intelligent apps to digital twins and conversational systems, AI is just breaking out of an emerging state with substantial disruptive potential across all industries, says Gartner. Please don't misunderstand, there have been many examples of advancements in various industries with AI algorithms from predictive analytics in healthcare to cognitive science.
However, a lot of AI development is being spent in the cyber security space, as well it should with the advent of ransomware, sophisticated malware and the like. All the top technology companies are spending millions each year on AI and cyber security -- from Microsoft to Google, from Cisco to Symantec, including the big name anti-virus companies. However, in the last few years, there has been an increase in startups around security tools that tout machine learning and AI (Darktrace, Cylance, AlienVault, etc.). You can look at this trend by checking out Gartner's Top 10 Strategic Technology Trends for 2017, 2016, and 2015.
Robust security strategies are critical
While there is no "silver bullet" when it comes to protecting your company's network (at least not yet), it is important to have a robust, multi-layered security strategy. Unfortunately, those who are becoming most advanced when it comes to AI in terms of security are the ones on the offensive: cyber criminals, says Banking Technology. The way to combat these criminals is to escalate AI defenses. However, nothing is fool proof. There's not enough manpower in the world to make sure networks are 100% secure 100% of the time, especially with the prevalence of a cloud-based infrastructure.
Solid products, knowledgeable technical staff, and end-user training go hand-in-hand. This should include social engineering training and the use of AI/machine learning in your environment. As an example, on top of your traditional firewall and IPS (Intrusion Prevention System), add an industry-proven endpoint monitoring system, preferably one that uses machine learning to identify and prevent bad code from executing. Then, add a tool that gives you a holistic view of your entire network in real time that identifies advanced threats, including those stealthy, unconventional, silent attackers. Be sure that your end-user security training is inclusive, given regularly, and updated often as trends change around social engineering and phishing.
Additional risks in the healthcare realm
The risks with cyber security aren't just financial, although that aspect can certainly be devastating. We've all heard the stories of major retailers and credit card companies getting hacked for stolen account numbers and sensitive private information. However, the threat goes beyond that into the very realm of life and death. We're talking specifically about the healthcare industry. Whereas cyber attackers in years past have struck quickly and loudly as part of a virtual sneak attack, today's cyber criminals are taking it much more slowly and methodically. The focus now is not just on stealing the data, but altering that data without detection, according to CNBC.
Thus, long-term consequences can be devastating, as companies and healthcare providers attempt to isolate the altered data and determine which information is real and which is fake. This can have life-altering effects. For example, electronic medical records that are altered without the knowledge of doctors and nurses means critical misdiagnoses can adversely affect patients' health and indeed lives. This is why healthcare is just as important as the financial industry when it comes to cyber security, and all the more reason to leverage AI.
In response, many security tech companies are trying to embrace more technologically-advanced ways of protecting important data. At the heart of these developing tools are an advanced algorithm that can adapt and learn normal patterns of life for every user and device in a network and find anomalies. One popular system is modeled after the human immune system, this technology mimics how the body can quickly identify and respond to all of the foreign threats it encounters every single day.
Threat detection advances
Threat detection is certainly a main focus of today's AI and machine learning technology push. Not only can it monitor human behavior, it can detect things that aren't quite right and sound an alert. Lately, big data -- the ability to collect, monitor and analyze ever-increasing volumes of data -- has been deployed in the ongoing battle to stay one step ahead of hackers and malicious actors (anyone from disgruntled customers to spying governments), points out Forbes. While big data can be a good starting point for decreasing cyber threats, inevitably a machine learning strategy will need to follow. And that's what we're seeing: advanced analytics and cutting-edge technology trying to tackle vast streams of data available via company networks, the Internet, and connected machines.
Right now, there's a battle of wills going on: the cyber attackers vs. everybody else. The winner will be the one with the control. AI is emerging as a tool to capture that control.
This article is published with written permission by Brian E. Thomas, as per guidelines of the IDG Contributor Network and CIO.com