AI a game changer for cyber security in 2018
DUBAI, January 30, 2018
By Rajat Mohanty
At the end of 2017, cybersecurity experts published their predictions for 2018. One big theme repeated in many headlines:
• Hackers to exploit AI technology for data breaches in 2018— Symantec
• 2018: The gloves are coming off as cybercriminals leverage AI, profiling— CSO
• An AI arms race and attacks on cryptocurrency among cyber security predictions for 2018— betanews
These experts predict that AI will change the game for cybersecurity in 2018. But when you evaluate the state of cybersecurity at the end of 2017, you see that the game has already changed, and that in 2018 AI will simply intensify this change.
AI-driven cybercrime: Pouring gasoline on fire
Even before attackers deployed AI, enterprise adoption of cloud, mobile, and IoT already opened countless new vulnerability points. Cybercriminals already began to exploit these new angles of attack via sophisticated, high-volume, multi-dimensional attacks. And enterprises were already encouraged to switch to Managed Detection and Response (MDR) services.
Traditional prevention-focused, perimeter-based, manual security measures were already obsolete before anyone discussed AI-based cyberattacks. Enterprises were already flooding with hundreds—often thousands—of alerts, and hundreds of thousands of malicious files, to analyze every day. And conventional rules-based cybersecurity had already begun to fail against the plethora of unknown attacks—and often unknown attackers—facing enterprises.
By the end of 2017, organizations already faced attackers who produced a flood of complex threat data much greater than they could handle with human-only teams. The addition of AI to automate and accelerate cyberattacks will offer a significant problem in 2018. But it is not a new problem—it is an escalation of the data-focused threat landscape we have already been contending with.
AI will only deliver one big game change in 2018— cybersecurity providers will begin to deploy their own AI-driven defences as a standard service.
AI-driven cybersecurity: Fighting fire with fire
In 2018, at a base level, AI will give cybersecurity providers the power, speed, and precision they require to effectively handle the accelerating influx of threat data produced by modern cyberattacks. AI-driven systems will work much faster than any human could, and give cybersecurity experts the ability to contend with their massive volume of endlessly varied cyberattacks.
AI will provide value throughout the entire IT stack, and enhance the entire spectrum of cyberdefense activities. It will assist cybersecurity teams as they perform error-free monitoring of the entire IT stack, collect and analyze security data from different data repositories, track various threats, calculate existing vulnerabilities, and triangulate existing breaches. In the event of a breach, the proper AI-driven system will offer intelligent recommendations for threat response, and allow cybersecurity teams to limit damage from a threat within minutes.
Properly deployed, AI will give organizations near-real-time detection to their attacks. And, when properly applied to threat anticipation, AI will provide pre-emptive detection of attacks, by informing organization about which new threats are likely to strike them, and giving organizations effective preventative capabilities for the first time in years.
These capabilities are already deployed by best-in-class modern cybersecurity providers. But as cybercriminals increasingly leverage their own AI to augment their attacks in 2018, these capabilities will be seen as increasingly necessary at every level.
Bringing AI to your organization’s defence: A practical perspective
2018 will likely be a year of transition for AI in cyberdefense. Many organizations are still using an MSSP, or have developed an internal SOC, which do not offer mature, end-to-end AI capabilities. But as more organizations adopt a Managed Detection and Response (MDR) service, AI will become a standard element of every effective security posture.
Organizations are waking to this need. Currently, 56 per cent of organizations are actively deploying or investigating security as a service. That percentage will only increase in 2018, as AI continues to act as a major force in both cyberattacks and cybersecurity.
About the author
Rajat Mohanty is co-founder, chairman of the Board of Directors and CEO at Paladion, a global leader in AI driven managed detection and response services.