The cyber threat is real. 53% of mid sized companies suffered a cyber attack in the past 12 months according to Cisco's 2018 SMB cyber security report. What’s more, more OT and IoT attacks are on the horizon – 31% of security professionals said their organisations have already experience cyber attacks on OT infrastructure.
But it is not all bad news. Artificial Intelligence (AI) can be used to help to mitigate security threats and risks by intervening early – detecting suspicious activity and shutting down potential attacks before they cause any damage.
Here are four ways that AI can help make your business more secure.
1. AI will immediately alert you about the high-impact threats
In the Cisco Annual Cyber Security Report 2018, we found that in the Northern European region – which has the highest level of maturity of adopting new security and processes – 53% of companies see more than 10,000 security alerts every day, and 30% had more than 100,000 alerts.
With so many alerts, businesses can struggle to categorise which alerts are most important – and therefore may lose valuable time in realising that a high-impact security threat is very likely to occur.
Using AI, businesses can not only analyse which alerts are ‘high impact’ but also how likely these are to occur. The combination of the two data points are automatically assessed so that the critical alerts can immediately be pushed through to the company’s business workflow; alerting expert analysts to get involved when necessary. Otherwise, it’s like having a never ending email inbox, filled with spam. You’re not able to work out the urgent from the important. AI can help to investigate real and critical alerts, rather than the alerts that don’t need worrying about.
For small and medium sized businesses this is particularly important as you may not have the luxury of having security experts working full-time at the company. In fact, research has shown that 27% of SMBs say the lack of personnel is one of the biggest obstacles to security.
2. Artificial Intelligence will make sense of encrypted traffic
It’s a huge challenge for SMBs to inspect all of the traffic at their perimeter – there’s just too much of it for this to be sustainable.
This is made harder because attackers are using encrypted traffic, and so organisations would struggle to decrypt everything coming their way. But AI tools exist to help identify malware activity with high certainty even with encrypted channels, without the need for decryption or inspection of the traffic payloads.
3. AI will help make-safe the Internet of Things
While all SMBs are aware of the term IoT (Internet of Things). What they may not be aware of is the amount of IoT devices that are connected to their network, and this is a huge problem. Just because it doesn't look like a computer or a phone, doesn't mean it can't be used by cyber criminals when it's connected to a network. In fact, the use of IoT botnets (whereby cyber criminals take over your device and can use it to orchestrate Distributed Denial of Service attacks) is growing.
If organisations have no idea what computers, of any size or type, are on their network, and what those computers are touching, how they’re interacting with other devices, and what their normal network traffic patterns are, then they can’t even begin to secure their network. And that lack of visibility will only get worse as the number of IoT connections grows exponentially over time.
A smart algorithm can help SMBs to pick up these devices and show how and where they’re connected, clustering them in a meaningful way so that you can identify them and regain control.
4. Artificial Intelligence can spot the unknown unknowns and crypto-mining
Machine learning, a subset of AI, can help organisations to not only detect known-knowns (these are things that we know that we know), but also ‘unknown unknowns’ (these are things that we do not know that we don’t know). In other words, the most obscure and hard to find threats can be detected thanks to AI.
But that’s not all; with the rise of cryptocurrencies, some attacks are now focus on gaining access to a computer's CPU for the purpose of crypto-mining.
So, as many SMBs spin up workloads in public cloud service environments, they need to keep a watch that criminals are not using their CPU to mine cryptocurrency. Once again, AI can be used to better analyse the IT environment to check how compute is being used at all times.
To learn more about the current threat landscape and how new technologies such as AI and machine learning can help, download the 2018 Cisco Annual Security Report
To get the latest technology trends and insights delivered straight to your inbox, sign up to our regular newsletter.
About the AuthorFollow on Twitter Follow on Linkedin More Content by Hazel Burton