Artificial intelligence to provide greater cybersecurity
While ensuring cybersecurity is becoming increasingly complex, a number of promising new technologies and strategies are emerging this year to address this. These include artificial intelligence and machine learning, in addition to deception technologies.
The company is constantly upgrading its equipment to increase cyber security. The latest achievement in this arms race are so-called "deception technologies". These pose as an actual existing IT resource (such as servers, accounts, etc.) and aim to trap potential attackers. Once they become the target of an attack, this immediately leads to the alerting of security teams. The goal of such systems is to increase the likelihood that internal security teams will detect intruders on their networks. Meanwhile, there are already some robust and sophisticated technologies on the market that are a good option when a modern "cyber hunting program" is too costly. Furthermore, these systems are aimed at companies that want to use additional detection methods alongside existing security processes. However, since this approach has not yet gained widespread acceptance, there is as yet no empirical data on how sophisticated attackers might react to such systems.
Artificial intelligence already delivers results
Artificial intelligence (AI) and machine learning in particular have developed significantly in recent years, including in the area of security. Solutions are now available that deliver impressive results when properly tuned. While there are currently still a large number of vendors that do not offer a significant improvement over new technologies, this will change in 2018. In addition, the new EU General Data Protection Regulation (EU GDPR), which comes into force in May and will bring heavy penalties for non-compliance, plays an important role. Companies should therefore establish a uniform set of rules with which they can meet current and future compliance requirements.
Three steps to improve cybersecurity
But even though artificial intelligence may already be doing a lot for cybersecurity, companies can still do a lot themselves to protect themselves from the new security threats and ensure greater data security.
- Inventory of applications: To build a security architecture that takes into account enterprise risk and allocates resources effectively, it is necessary to determine what needs to be protected, where these assets are located, and how important they are to the enterprise. This requires close collaboration between business units.
- Reduction of the attack surface: Modern security concepts have long assumed that attackers penetrate internal systems, because today firewalls or IPS systems can no longer keep them outside the network. To reduce the number of accesses by cyber criminals, an organization's total attack surface should be reduced to a minimum. This includes processes such as patch and vulnerability management, but also security models like Software Defined Perimeter or Beyond Corp.
- Governance: In many companies - especially in small - little investment is made in governance. It should help understand the risk to the business, prioritize the necessary safeguards, make investments, and create strategic plans. At the same time, it should require maintenance according to established policies and measure the effectiveness of operations. With an incident management plan in place, organizations are able to respond quickly to a security incident.
Source: Rackspace
