Topics In Demand
Notification
New

No notification found.

1442

0

At times, we miss the technology behind the scenes, as simply, as one would miss the forest for the trees, but the impact and value of Artificial Intelligence (AI) in today’s times is hard to miss because it touches every aspect of our lives. Whether it is accurate filtering of our emails, auto-respond options, smarter virtual assistants managing work, autonomously flying cars and planes, or even recommending content on social media based on our prior viewing history, artificial intelligence in action is all pervasive.

With AI’s ability to transform productivity and workflows, its adoption in cyber security to build resiliency should be natural. Cyber Security is a highly specialised field where enterprises are experiencing a lack of skilled talent, while at the same time grappling with a rapidly changing digital landscape and proliferating sophisticated threats.

Use Cases of AI in Cyber Security

Innovative applications of AI in cyber security have involved such use cases as attack prediction, risk quantification, fraud and anomaly detection, incident response automation, vulnerability management automation, phishing and botnet detection, data leak prevention, identity related privilege creep prevention, improved and accurate compliance to disparate regulations, and driving governance.

Benefits of Leveraging AI for Cyber Security

Adoption of AI in Cyber Security has created a significant impact on enterprise resiliency by increasing capabilities of advanced detection and automated response, especially against sophisticated threats that use AI based attack techniques. It has also transformed resource-intensive tasks like security monitoring as supervised machine learning algorithms have efficiently reduced security alerts from millions to hundreds, while increasing identification accuracy of probable incidents. Thanks to AI, even investigation and incident response related workflows are more autonomous and faster.

The other side of AI

AI is here to stay and will play an increasingly central role in cyber security. But every company must be aware of and carefully consider the challenges in adoption of AI. These include protecting AI models from adversarial influence, availability of required data to train machines, and the right kind of data science as well as engineering talent required to manage and support such initiatives. Research supports the fact that even if malicious actors stealthily compromise a neural network model and replace up to 50% neurons in it, the activity may remain undetected as the model will continue to function effectively with 90% plus accuracy. There are multiple such attack examples, which include poisoning, evasion, inference, and input attacks amongst others. As enterprise dependency on AI increases, there is a definite need to protect AI systems and processes.

 While enterprises can use AI to automate multiple tasks, reduce human errors and correlate huge security datasets to derive significant insights, they are increasingly targeted by bad actors who use AI to launch stealthy (low and slow) polymorphic attacks. These sophisticated threats evolve within the enterprise and have the ability to hide in plain sight, disguised as legitimate traffic, while analysing and intelligently choosing and targeting attack vectors based on environment assessment.

There is also a large market on the dark web for AI based attack tools, which is greatly increasing the opportunity for any individual to become an attacker. These tools are based on machine and deep learning models and include ML-based botnets and phishing tools to gather user information and generate fake links and messages respectively, and advanced intelligent malware. Such tools need minimal expertise and data to function. For instance, an algorithm needs only a few seconds of a voice sample, to accurately recreate accent, tonality and speech. This could be the next wave in phishing where even phone calls from known people whose voices we recognise cannot be trusted.

This fact that attackers misuse AI to stay ahead of the curve makes its adoption an urgent imperative for every enterprise. Most reputable security tools leverage AI in some form, but strategically incorporating AI into enterprise cyber security will drive immediate benefits. Instances include machine learning or deep learning for network traffic analysis, user behaviour analysis, intrusion detection/prevention, vulnerability triage, security monitoring efficiency, or threat hunting.

Leveraging AI securely and effectively will result in improved robustness and resilience. AI can enable enterprises to build cyber capabilities around faster and more accurate detection of advanced threats and improve time to respond and recover from incidents. There is great impact and value in terms of the competitive advantage that AI delivers to enterprises by bringing efficacy, efficiency and explain-ability to cyber security.

 

About the author:

Dr K P S Sandhu

Dr K P S Sandhu is Head of Research and Innovation with the TCS Cyber Security Practice. He has extensive experience in delivering Cyber Security projects across BFSI, Healthcare, Retail, TTH and other industries. His expertise spans security architecture, roadmap and strategy, risk management, data protection, DevSecOps, and cloud security. In his current role, he focuses on researching emerging areas of cyber security, conceptualising innovative solution offerings, and fostering partnerships for cyber co-innovation.

 

 

 


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.