In the world of Cybersecurity today, there are many new buzzwords that are coming out. Some of them include 2FA, making use of high levels of Encryption, Mean Time to Detection, Managed Detection Response, End to End Security, Virtual Machines, Threat Actors, Nation State Actors, Risk Mitigation, you name it. If you are thinking of a new one, it’s already been probably though up of.
But there, are two new areas that are not just becoming buzzwords, but they are also taking some sort of shape in the Cybersecurity industry: That is Artificial Intelligence and Cybersecurity Risk/Insurance Policy selection.
We are probably hearing much more about the former than the latter. In fact, Artificial Intelligence (also known affectionately as “AI”) is not just becoming the big talk with amongst security professionals, but it is also becoming the topic of hot discussion in other industries as well.
So, what exactly is AI? When one thinks of it, an image of the brain is often conjured up, with a lot of light bulbs going off on the inside of it. To a certain degree, this illustration is true. But AI is much more than that. An AI system tries to learn from the data that is fed into it and make projections into the future. A specific definition of AI is as follows:
“Artificial intelligence (AI) makes it possible for machines to learn from experience, adjust to new inputs and perform human-like tasks. Most AI examples that you hear about today – from chess-playing computers to self-driving cars – rely heavily on deep learning and natural language processing.
Using these technologies, computers can be trained to accomplish specific tasks by processing large amounts of data and recognizing patterns in the data.”
The first part of the definition covers what I had already previously mentioned, but the second part of it elaborates on something else. AI tools also can harness a large amount of information and data in just a matter of minutes and find hard to detect and even hidden trends in all of it.
This is something that would take a human being a long time to achieve (we are talking about hours and even days in this instance). So just where will AI fit into the future, when it comes to Cybersecurity?
At the present time, there are four key areas which include the following:
*Finding those covert security holes and gaps:
Although this has been the primary role for Threat Hunting and Penetration Testing, sometimes things can still go unnoticed. When AI is used in conjunction with this, it can be assured that all the hidden gaps can be found, and quickly remediated. In other words, think of AI as your 24 X 7 X 365 Centurion. It is guarding your fortress when your IT Security team might be sound asleep or busy thwarting off other Cyberthreats.
*A value Add for Physical Access Entry applications:
When one thinks of Cybersecurity, the thought often comes up threats to computers, servers, and wireless devices. But this is only just one part of the picture. The other part has to do with the Physical Premises of your business. This means protecting all your main entry and exit points not just from the outside, but from the inside as well. There are security tools in place to offer multi layers of protection, such as using Biometrics. But using AI can also add an extra arsenal to your artillery, especially when it comes protecting your business off hours, when everybody has gone home for the day. In this regard, AI can be especially useful for hunting down the potential for Insider Attacks, which is yet another looking threat vector occurring today.
*Sifting through what’s not real and what’s real:
As eluded to before, the IT Security teams of today are totally overwhelmed and even inundated with all the alerts and warnings that they get. They simply cannot keep up with all of this, and this phenomenon has been labelled specifically as “Alert Fatigue”. In fact, it has gotten so bad that even real alerts and warnings are being unintentionally disregarded. Some of the more documented Cyberattacks that have just recently occurred could possibly have been avoided if the IT Security team in question was not so overburdened and had the time to comb through all of them. In this kind of scenario, AI will prove to be very useful. By learning what is real and what is not, it can quickly send out to the IT Security team those alerts and warnings that are for real. That way, they can be triaged in just a matter of minutes and acted upon quickly before any threats do become real.
*It can predict the future:
One of the biggest dreams of any Cybersecurity professional is to have that proverbial crystal ball and have the ability to forecast what the future threat landscape will look like. But this can only be done by closely examining the sheer amounts of intelligence that is gathered and extrapolating future trends from that. But once again, this is simply too much for a human being to do, and it would take a lot time. By the time any future predictions can be made, new variants will have already attacked, thus eradicating any projections made. In other words, it’s time to go back to the drawing board in order to consider these new variants. But with AI, this is not the case. It can predict the future in real time, in just a matter of minutes. Best of all, it can also consider a new threat variant that comes almost instantaneously.
My Thoughts on This
The bottom line is that AI will be a huge boon not for just for Cybersecurity, but for other industries as well, especially when it comes to task automation. But the downside to this is that this could mean lost jobs for individuals that have performed these kinds of tasks for many years.
While AI will be very beneficial, by no means should it be viewed as the ultimate “Savior” that will have the answer to everything.
This is far from the truth. Rather, AI should be strictly used as a value add to other security tools and procedures that are already in place. No IT Security team should rip all of this out, and just replace it entirely with an AI System. AI is just a tool, and it has its own share of flaws as well, just like any other piece of technology.
It’s just like Biometrics. After the horrific incidents of 9/11, Biometrics was thought to be the “Savior” for all things insecure. But when it did not live up to all its hype, the whole industry came crashing down. Nobody ever said that Biometrics would be the ultimate answer.
Only the Press did that. So, when you read more stories about AI on the various news websites, just keep in mind that AI is not the cure all for everything. It should only be used in conjunction with other Cybersecurity tools, as a way of further fortifying your lines of defenses.