{"id":444,"date":"2020-08-19T11:52:08","date_gmt":"2020-08-19T06:22:08","guid":{"rendered":"https:\/\/tech9labs.com\/blog\/?p=444"},"modified":"2020-12-11T15:50:19","modified_gmt":"2020-12-11T10:20:19","slug":"how-to-solve-cybersecurity-challenges-with-ai-and-ml-part-1","status":"publish","type":"post","link":"https:\/\/tech9labs.com\/blog\/2020\/08\/19\/how-to-solve-cybersecurity-challenges-with-ai-and-ml-part-1\/","title":{"rendered":"How to solve cybersecurity challenges with AI and ML (Part-1)"},"content":{"rendered":"<p>Using an AI-powered analytics platform, organizations can shift from a reactive approach to security breaches, to proactively identifying increasingly sophisticated threat vectors and quickly resolving exploitable vulnerabilities.<\/p><p><\/p><p><strong>Executive Summary<\/strong><\/p><p>In a\nrecent report from Identity Theft Resource Center (ITRC), the number of\nbreached customer records containing personally identifiable information (PII)\nskyrocketed to 34 million records leaked. Significant\n2020 breaches include those experienced by Cognizant, Twitter and a few BFSI\ncustomers in India including Facebook, Under\nArmour\nand Marriott International in the last few years. The\nstudy also points out that the resulting customer churn from loss of brand\nreputation and consumer trust was a leading contributor to the increased\nindirect costs of a data breach.<\/p><p>Threat\nvectors are only multiplying as more enterprises move to digital approaches for\ndoing business and embrace a wide array of internet-connected devices, cloud\nand social media. 
Even as organizations implement emerging technologies into\ntheir core businesses to safeguard their information crown jewels, malicious\nagents are also evolving, thereby increasing the nature of deceptive and\nautomated cyber-attacks.<\/p><p>Given the unprecedented levels of data and analysis involved in a hyper-converged networked world, we believe traditional defence mechanisms and siloed security tools are unequipped to address the ever-evolving cyber threat landscape. Cybersecurity now requires advanced analytics that keep pace with the speed and scale of digital business. This means IT organizations must leverage big data, cloud and artificial intelligence (AI)-powered analytics to provide predictive insights and threat protection.<\/p><p class=\"has-background has-very-light-gray-background-color\"><\/p><p><strong>The current cyber threat landscape<\/strong><\/p><p>A\nrobust cybersecurity defence strategy needs to account for the latest,\nsophisticated threat vectors, as well as the more sophisticated attacks\npossible through the advent of cloud enablement, IoT initiatives, big data\nanalytics, social media, mobile computing, cryptocurrencies, etc.<\/p><p><strong>The\ncurrent threat landscape is characterized by the following three trends: <\/strong><\/p><p><strong>1) Nobody is fully protected from cyber-attack; all industries are prone (a matter of\nluck): <\/strong>No industry is untouched and all industry\ndomains like BFSI, Healthcare, Manufacturing, e-retail can be attacked and\nbreached.<\/p><ul class=\"wp-block-list\"><li>The cost of Equifax\u2019s data breach in 2017, for example, was about $300 million. Indirect costs resulting from organizational resources spent notifying victims and investigating the incident, as well as the loss of goodwill and customer churn, also have substantial financial consequences. 
Moreover, regulatory changes such as the European Union\u2019s Global Data Protection Regulation (GDPR) will enforce strict penalties for any privacy lapse. <\/li><li>Hacking is one of the most popular choices of attackers. Unauthorized Access was the second most common method of breach.<\/li><\/ul><p><\/p><p><strong>Four\nmajor cybersecurity challenges and how to handle those:<\/strong><\/p><ol class=\"wp-block-list\"><li><strong>Cybersecurity initiatives are failing to keep up with accelerating\ndigital threats. <\/strong>Roughly 84% of respondents\nin a recent study feel companies are insufficiently prepared for the\nvulnerabilities caused by IoT initiatives and 49% of CIOs in a Gartner study\nsay their enterprises have already changed their business models or are in the\nprocess of changing them. <\/li><\/ol><p>With\nconnected technologies and IoT, companies must shift from managing security for\nthousands of network endpoints, to millions of connected devices. With the\nadoption of container technologies, IoT devices, mobile devices and cloud\ninfrastructures, many organizations\u2019 security tools and processes lack\nvisibility into the new resulting threat vectors. <\/p><p><strong>Action item: IT and <\/strong>Businesses need to broaden the data points collected for real-time integration and employ security automation to centralize management and enable rapid, flexible deployment. 
Security should not be a cosmetic add-on; it needs attention from top management and continuous review.<\/p><p><\/p><p><strong>Limitations of traditional cybersecurity\napproaches<\/strong><\/p><figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"736\" height=\"523\" src=\"https:\/\/tech9labs.com\/blog\/wp-content\/uploads\/2020\/08\/Image1.png\" alt=\"\" class=\"wp-image-445\" srcset=\"https:\/\/tech9labs.com\/blog\/wp-content\/uploads\/2020\/08\/Image1.png 736w, https:\/\/tech9labs.com\/blog\/wp-content\/uploads\/2020\/08\/Image1-300x213.png 300w, https:\/\/tech9labs.com\/blog\/wp-content\/uploads\/2020\/08\/Image1-600x426.png 600w\" sizes=\"auto, (max-width: 736px) 100vw, 736px\" \/><\/figure><ul class=\"wp-block-list\"><li><strong>Bots are annoying. <\/strong>While advanced analytics and\nAI are driving digital business change, malicious agents are reinventing attack\nalgorithms, using AI to create new variants of old attack models. This adds to\nhuge problems with traditional security tools that rely on human intervention\nand manual investigations and don\u2019t always provide 360-degree cyber protection.\nThe potential misuse of advanced analytics technologies can include automated\nhacking, email and social media phishing attacks.<\/li><\/ul><p><strong>Action\nitem: Acknowledge the world of sophisticated threats and evolve from a reactive\nto a proactive strategy. <\/strong>Organizations need to employ\nadvanced analytics powered by AI and machine learning to detect deception.<\/p><ul class=\"wp-block-list\"><li><strong>Siloed data analysis that generates too much noise. <\/strong>Organizations typically use either traditional security information and\nevent management (SIEM) solutions such as syslog servers and log managers, or\nthey utilize multiple cybersecurity products that collect huge volumes of\nsystem and user activity events, independently. 
This results in disparate and\ndisconnected systems that are not suited to today\u2019s digital models and fail to\npresent the complete picture of the IT health and risk posture at any given point\nin time. <strong>A conventional SIEM can correlate correctly, and in time, only ~9% of\nalerts; in the rest of the cases it is not effective at all.<\/strong><\/li><\/ul><p>The\nanalysis of huge volumes of fragmented data results in a lack of comprehensive\nvisibility, false positives and inefficiency. The mean time to identify (MTTI)\nfor a data breach is around ~200 days. The failure to quickly detect\nand contain a data breach also has huge direct and indirect financial impacts. <\/p><p><strong>Action\nitem: Evolve from a piecemeal process of analysis. <\/strong>Organizations\nshould adopt innovative thinking to intelligently integrate disparate data to\nradically increase insight generation and response.<\/p><ul class=\"wp-block-list\"><li><strong>There\u2019s a lack of cyber skills and capabilities in the emerging\ntechnology landscape. <\/strong>Given that the human factor\nis a significant cause of data breaches \u2013 there is clearly a critical need to\nimprove awareness among the broader employee community. Conventional education\nand standard procedures are simply not enough to face the mounting challenges\nin the digital world, where attack models are outpacing acquired skills. <\/li><\/ul><p>Security\noperations center (SOC) analysts with knowledge limited to a specific security\ntool will struggle to put together a holistic picture from multiple security\ntools. This will make it difficult to realize the comprehensive event-chaining\nbehaviour and analysis of an incident or anomaly. 
A lack of skill and\nconfidence in the cyber defence strategy can also hinder an organization\u2019s IT\nmodernization and digital growth plans.<\/p><p><strong>Action\nitem: Inform, educate and upskill SOC analysts and avoid internal fragmentation\nof cybersecurity skill and knowledge. <\/strong>Organizations\nneed to overcome the lack of human-driven intelligence with analytics-driven\nintelligence.<\/p><p>In\nmy very long experience of around ~20 years with multiple organisations,\norganisations just treat cyber security as overhead and think of it as\na business barrier. A lot of IT leaders prioritize IT operations over IT security\ndue to short-term benefits over the cyber security controls around people,\nprocess and technology. Cyber security controls and effectiveness need\nattention from the topmost level of the organisation and should be under a continuous\nreview mechanism through multiple stakeholders, specifically from the independent\nCISO\/CIO, CFO, CEO\u2019s office and board of the companies.<\/p><p><strong>To\nbe Continued\u2026\u2026<\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>Using an AI-powered analytics platform, organizations can shift from a reactive approach to security breaches, to proactively identifying increasingly sophisticated threat vectors and quickly resolving exploitable vulnerabilities. 
Executive Summary In&#8230;<\/p>\n","protected":false},"author":2,"featured_media":447,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[67],"tags":[],"class_list":["post-444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts\/444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/comments?post=444"}],"version-history":[{"count":1,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts\/444\/revisions"}],"predecessor-version":[{"id":446,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts\/444\/revisions\/446"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/media\/447"}],"wp:attachment":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/media?parent=444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/categories?post=444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/tags?post=444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}