3 AI Practices in Cybersecurity Automation
Two of the biggest risks to a secure network today are the potentially growing attack surface and the ever-changing forms that attacks can take.
See how automation helps you address issues with Cybersecurity:
"The biggest challenge is the attack surface," says Michael Xie, founder, president and CTO of Fortinet. Compared to a few years ago, there has been a massive increase. There are the traditional servers and desktops, which are not going away. There are mobile devices on the wireless network; there is WiFi;
There are all kinds of IoT devices and smart devices.
Looking at IoT alone, there were 31 billion connected IoT devices in 2018, with 130 billion projected by 2030, according to the IHS Markit IoT Devices and the Connectivity Intelligence Service.
Running the monitoring software
To stay ahead of potential threats, companies need to run monitoring software on all these devices and networks, and then find a way to analyze the data generated by this software.
"It's almost impossible for human beings to handle everything," says Xie.
Artificial intelligence allows computers to monitor most of the network, process logs and reports, classify false positives from legitimate issues, and look for anomalies that might represent real attacks. In other words, automated systems can become first-line security officers, doing the routine work of observing sensors and scanning logs, only alerting their supervisors - human cybersecurity experts - to real problems.
"Instead of the need for hundreds of professionals to process this information for a large company, computers can reduce that to maybe 10," says Xie.
The Advantage of Machine Learning
Systems that use machine learning can also recognize variants of malware, making automated threat detection even more useful.
Ed Amoroso, executive director of TAG Cyber.
"And if you get an exact match, it says you have malware. But if you don't, you have a problem," since a new version of the malware, or an entirely new threat, may go undetected.
says Amoroso
The software learns from what it is seeing and trains itself. This makes machine learning-enabled systems very well designed to identify malware variants.
"It used to be like putting 30 pictures of cats into a 'software' and then asking, 'Is that a cat?" he says. "The 'software' would say, 'Well, is it an exact match? No. '" But machine learning takes the 'software' away from the exact match problem," he says. "You put a 'malware' and says, 'Well, I've seen about a million examples here, and this one is really right in the mix. It's definitely an attack, even if I can't give you an exact match, it's definitely a cat. '"
Identify Standards for Cybersecurity
Artificial intelligence systems can identify patterns that humans sometimes cannot.
The Self-Evolving Detection System of the FortinetFor example, it can identify new attacks based on pattern recognition, behavioral analysis, and machine learning, and instantly create signatures to block threats before they infect a network.
The system has proven effective even against malware from day zerowhere there is no previous version of the threat.
"We run an operations center where millions of samples come in every minute," says Xie, which means Fortinet's systems are examining potential threats that its sensors have picked up around the world. If there is no artificial intelligence, there is no way anyone can analyze all these factors and understand the trends among different hackers in different places around the world, creating attack 'malware'.
The artificial intelligence machine is able to capture something that seems super-complicated and that we can't figure out by looking at it with human eyes. "
Evolving software for evolving threats
Another major advantage of artificial intelligence technology in cybersecurity:
"When you buy a product that has machine learning, you just put it on," Amoroso says. There's no need to wait for it to hit new, unknown threats. "I've already taught you how to figure out what to look for. You don't need updates.
See that this makes cyber security AI-enabled is not only more effective, but also easier to maintain, since it is always up to date.
Says Xie
"AI is becoming more powerful and more accessible. And as it does more, it actually gets better. At some point, it actually exceeds the capability of humans."
WSJ. Custom Studios is a unit of The Wall Street Journal's advertising department. The Wall Street Journal's news organization was not involved in the creation of this content.
Wall Street Journal - Jan 2, 2019
