Topics In Demand
Notification
New

No notification found.

A peek into AI as the future of cybersecurity
A peek into AI as the future of cybersecurity

September 2, 2022

276

0

A peek into AI as the future of cybersecurity

An increase in the number of cyber-attacks globally has bred cybercrime as world’s third largest economy after the US and China. These attacks have not just increased in number but frequency, velocity, intensity, complexity and more importantly the inability of businesses to detect and respond to cyber threats effectively and efficiently. 

This coupled with challenges around talent and skill set shortage, technology advancements in the way we architect, transfer and store data and information, make cybersecurity predicament a reality, seen both with teams responsible for securing the enterprise and the boardroom.

Enter Artificial Intelligence components developed using machine learning algorithms can help address many of these challenges, broadly around identifying potential vulnerabilities, detecting malware, and phishing scams, investigating security breaches in the system, etc. Infusing intelligent automation, in some cases learning large data sets of existing anomalies and correlating it in the context of the organization’s threat landscape is essential.

With the help of AI, the analysis and investigation of various attacks is now more efficient. The logging and recording process takes care of all the same data that was once processed manually. The sole focus on AI has helped in increasing productivity by 50% while reducing energy consumption as well as maintenance costs.

In an ideal world, AI would detect and stop cyberattacks before they happen, use machine learning (ML) to learn from past attacks and then predict what might be coming next and stop it. However, like all new tech, we have this notion that AI will solve all our problems with the click of a button!

The balance of offensive and defensive AI

One of the biggest challenges for defenders is how to keep up with the threat landscape as AI evolves to become more advanced and capable of both offensive and defensive roles. To do that, they will have to be able to detect new types of phishing attacks while also being able to analyze behavioral patterns within their environment.

The question is whether defenders will be able to keep up with the threat landscape as AI evolves (and what it means for cybersecurity) by creating new solutions that are tailored specifically toward each individual company or organization's needs.

To combat the intelligently automated threat landscape, defenders will need to develop new solutions that are tailored specifically towards each individual company or organization's needs because current tools are not able to detect malware at scale and they also do not have any visibility into behavioral patterns within their environment. It's clear that threat actors will continue using artificial intelligence (AI) as an offensive tactic to evade detection, create more effective malware, and automate phishing campaigns.

These facts coupled with the talent and skills shortage in cybersecurity are the biggest drivers in putting in more effort and research into infusing AI in various defensive strategies currently existing at various stages of the rapidly changing digital organizations going through disruptive transformations thus increasing the complexity of building trust.

Building defensive AI strategies 

In an idealistic cyber safe world, a set of Artificially intelligent “cyber super AI agents” deployed in various components of an organization AI would identify threats, predict their occurrence, detect attacks, and prevent them from happening in the first place. And while there are developments actively happening in this space; some of the areas organizations and the larger cybersecurity industry could focus on are:

  1. Train and educate the human

Human is known to be the weakest link in the cyber trust chain. Efforts towards building and training AI components to learn from past events and proactively educate and prevent humans from breaking the link. AI powered anti-phishing ecosystem with proactive training and alerting mechanisms both at the gateway and endpoint would be a good start.

  1. Secure at source

Embedding AI component, that is trained in “secure coding”, into the Integrated Development Environment (IDE) that developers use to not just write secure code but also training them such that the future business applications have lesser chances of vulnerable code resulting in lesser time to keep fixing and remediating application vulnerabilities.

  1. Train the AI to learn and deploy

In the ever-evolving cyber threat landscape, any cyber AI product claiming to stop cyber threats out of the box needs to go in the Recycle bin! From deploying your super AI product to providing it time to learn, understand the terrain and adapt intelligent strategies to correlate and combat cyber threats is crucial to success. AI components using supervised machine learning (ML) even more so as it leverages data sets and has the goal of finding a pattern in the data.  The usage of this type of ML includes anomaly detection, prediction, and image recognition.

   4. Remediating more vulnerabilities in less time

In the hyper-connected, perimeter-less, hybrid IT environments today, an exponential growth of vulnerabilities in the systems is a reality and remediating the critical ones on priority and on time is a concerning challenge. There is a strong need of an AI-enabled vulnerability management ecosystem that understands, learns, corelates the internal and external threat landscape and intelligently prioritizes the remediation program. A combination of supervised and un-supervised machine learning (ML) components would be required to build this AI ecosystem.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.