We decided to talk about one very interesting area of cyber defense: protection using artificial intelligence.
Author: Andrey Ogurchikov
To successfully counter cyberattacks, companies have to implement the latest technologies, incl. cloudy. "Clouds" provide the necessary resources, allowing AI to quickly solve emerging problems. Since Cloud4Y is actively working on the security of customer data, we decided to talk about one very interesting area of cyber protection: protection using artificial intelligence.
AI is used in many areas of human activity. The machine mind is a convenient, fast, and often more profitable tool than a human. It was also used in the field of cybersecurity. For example, with the help of AI, many companies provide more reliable protection of their databases, offloading analytical departments by automating the execution of routine tasks.
There is indeed a demand for AI technologies in the field of cyber defense. A report recently published by the consulting company Capgemini provides some interesting statistics. According to it, 61% of companies are sure that without the use of AI technologies it is impossible to detect all attempts of unauthorized entry into the system in order to steal confidential information. And 48% said their budgets for AI in cybersecurity will increase by about 29% in 2020.
The picture is aggravated by the statement of Cisco, which confirmed that in 2018 it managed to repel 7 trillion (!) Attempts to compromise the data of its customers. That is, on average, Asia-Pacific companies receive 6 cyberattacks every minute. An incredible figure!
Do not assume that the problem is relevant only for the United States, and Russia will not be affected by such an attack. For the report, Capgemini employees interviewed 850 executives from seven industries, including consumer goods, retail, banking, insurance, automotive, utilities and telecommunications. 20% of respondents are IT directors, 10% are CISO, that is, heads of the IT security department.
Among the companies surveyed were those headquartered in France, Germany, the United Kingdom, the United States, Australia, the Netherlands, India, Italy, Spain and Sweden. All confirmed the growth in the number of cyberattacks and the increased need for new protection technologies. Including - with the help of artificial intelligence. That is, there is a problem and it does not have a clear geography.
Who's at gunpoint?
Everything. Statistics have shown that as digital businesses grow, the risk of cyberattacks increases exponentially. 21% of those surveyed said their organization faced a cybersecurity breach in 2018 that led to unauthorized access.Businesses pay a high price for cybersecurity breaches: 20% report losses in excess of $ 50 million. The latest Centrify study found that 74% of all violations are related to privileged account access. That is, attackers purposefully search for accounts with the maximum rights in order to filter out valuable information from the corporate system and sell it profitably.
Big business is undoubtedly the most tasty morsel. But the IT department is usually stronger there, and most of the vulnerabilities are closed. The chances of getting to something of value are slim. It's a completely different story with medium and small companies. The competence of full-time specialists often leaves much to be desired. The result is not just loopholes, but naturally open doors for attackers of all stripes.
Why it happens
56% of senior executives admit that their cybersecurity analysts are overwhelmed and almost a quarter (23%) are unable to successfully investigate all identified incidents. Capgemini found that hacker organizations still successfully use algorithms to send phishing messages to targeted users to obtain confidential information.That is, the often colossal work of the IT security service goes down the drain due to banal human curiosity and inattention, as well as excessive workload on the security department itself. Social engineering is effective, and in order to discourage attackers, you need to try to prevent the end user from receiving such messages. AI is quite capable of acting as a filter.
The advantage of AI is its ability to work faster than humans and constantly evolve. With the introduction of the GDPR and other regulations requiring the protection of different types of data, the need for more reliable protection systems has become even more important.
What is now
80% of telcos say they rely on AI to detect threats and prevent cyberattacks.73% of companies are testing AI use cases in cybersecurity, with a focus on endpoint security. This is an important point, especially considering that the number of end devices (including those supporting IoT) is projected to reach 24 billion by 2021.
51% of CEOs are already using or working on AI for early detection of cyber threats. Machine intelligence is capable of vastly outperforming traditional predictive and response systems. So, as companies are actively exploring the issue of introducing and using AI as part of a complex of measures to ensure cybersecurity, the quality of forecasting and speed of response will grow.
Nearly two-thirds of CEOs agree that AI reduces the cost of detecting and responding to threats (savings from 1% to 15%, 12% on average). Thanks to AI, the total time required to detect threats and violations is reduced by up to 12%. And the latency (the amount of time an attacker goes unnoticed) is reduced by 11%. This reduction in time is achieved by continuously scanning for known or unknown anomalies that show threat patterns.
There is real evidence of this. PetSmart, a popular US pet supplies store, has saved $ 12 million by using AI to detect fraud. In partnership with Kount, PetSmart has implemented AI / Deep Learning technology that studies millions of transactions and their results. The smart system determines the legitimacy of each transaction by comparing it with all other received transactions. Fraudulent orders that are detected are canceled, saving the company money without harming the brand.
Why AI is the future of cybersecurity
Fraud detection, malware detection, intrusion detection, network risk assessment and user / machine behavior analysis are five of the most relevant uses of AI to improve cybersecurity.AI is really changing the familiar aspects of cybersecurity. It improves the ability of companies to anticipate and prevent cybercrime, protects zero-trust devices, and can even control password aging! That is, artificial intelligence is really necessary to ensure the security of the perimeters of any business.
Searching for relationships between threats and analyzing malicious files, suspicious IP addresses or unusual employee activity takes seconds or minutes.That is, AI is already helping a person to ensure cybersecurity. And in the future, its capabilities will only expand, making human participation in the protection process purely nominal.
Take the same banks - thanks to AI, anti-fraud systems will work more reliably and faster, which will save the nerves and money of both clients of financial institutions and the bankers themselves. And according to Dell, which develops such products, AI is able to protect, control and track data in hybrid environments, and prevent 99% of malware attacks.
Interestingly, AI can be made in the cloud. This will allow it to automatically scale up in case of a sharp increase in load (for example, if hackers try to "shut down" the server or disguise their activity under an avalanche of typical actions in the other direction). In addition, the cloud will expand the company's secure perimeter if wearable electronics are connected to an AI-controlled environment.
