Recent news that the first companies are facing multi-million dollar fines after falling afoul of the EU’s General Data Protection Regulation sent shockwaves throughout the business world.
Whether these fines stand or are reduced after appeal, the cost to fix a cyberattack, is often exorbitant, made worse by the unplanned nature of getting things back up and running to return to business as usual.
Added to this is the disruption caused to supply chains, the workforce in general, customers, as an enterprise struggles to recover. There are many cases of employees having to resort to manual processesas they wait for their computers and networks to get back on-line following a breach.
Cyberattackers have a large arsenal of weapons to target organisations including an assortment of tools designed to find cracks in the network infrastructure, breach systems, steal data, cause disruption, and more. These bad actors are adept at pivoting to and harnessing advanced technologies and utilising the cloud to launch, modify and re-launch attacks at frightening speeds.
Indeed, as corporations embark or continue their digital transformation journey it is inevitable that networks will become more complex, complicated and difficult to police. Unfortunately, this is exactly what cyberattackers prey on and mercilessly exploit,often with devastating consequences for the victim.
Yet the tide is turning as more enterprises demand cybersecurity technologies help them spend less time worrying about the security of their data,and protecting their digital transformation and way of life. This comes at a time when data is being produced, stored and analysed on a massive scale making the problem of cybersecurity even harder to overcome.
Help is on hand though. There are open and integrated, AI-based security platforms that allow analysis by security teams into vast data sets. Data lakes are created to securely and privately store and analyse large amounts of data using artificial intelligence and machine learning to find and close down threats.
AI is changing the technological landscape, especially in cybersecurity, as it plays a major role in detecting cyberattacks at an early stage or even before they occur. Through the examination of data traffic, algorithms access and analyse any abnormalities in data patterns and if anomalies are detected, AI programs can easily determine if there is a security breach in the system.
As the threat landscape becomes more complex, the role of AI in cybersecurity will increase substantially to help organisations keep up with cybercriminals’ tactics, which is becoming more sophisticated.
In parallel, behavioural analytics, a sub-set of artificial intelligence, plays an important role in accelerating investigations with automation and stops attacks before damage is done. There are four key benefits to integrating behaviouralanalytics into cybersecurity strategies, namely:
1. Cost Efficiencies – Security operations typically come at a high financial cost but using behavioural analytics helps save on costs while increasing visibility into security operations.
2. Effective Prioritisation – Cybersecurity professionals are constantly faced with separate high-priority issues. Behavioural analytics can help separate the issues that are genuinely high-priority and require immediate attention.
3. Better Resource Allocation – When security teams gain a better understanding of prioritisation, they can better allocate the appropriate resources to combatting attacks.
4. Faster response times – The automation of response analysis has replaced a torturous process involving humans who had to manually sift through data to understand and execute the proper response protocols. Automated responses are powered by artificial intelligence and behavioural analytics and have dramatically shortened incident response cycles.
Time for enterprises to act
Organisations need to integrate artificial intelligence into common operating platforms to achieve centralised visibility, and faster response times if they want to defend against attackers who use sophisticated, automated processes in their attacks.
If organisations are in any doubt about building a robust cybersecurity infrastructure, the recent GDPR news serves as a reality check and wake-up call for all enterprises that collect customer data, even if data protection laws are yet to be updated or implemented in their country of operation.
There is a strong moral argument to be made about protecting data irrespective of the legal ramifications. The world has moved on and technologies exist today that makes cybersecurity more efficient, automated and faster at identifying and closing down threats.
The harsh reality is that every organisation – whether for, or not-for profit – will be subjected to an attack or intrusion by cybercriminals keen to extract information, hold to ransom, or for any other malicious reason. Many enterprises around the world have so far escaped from being held accountable for the loss or unauthorised access to customer data because the legal framework globally is under-developed.
This state of affairs is changing and advanced technologies such as artificial intelligence are front and centre in cybersecurity strategies. If artificial intelligence, machine learning and behavioural analysis and other advanced technologies are being used by cybercriminals, then it makes sense that enterprises must do the same for their cybersecurity strategies.
Written by Wickie Fung, General Manager Hong Kong and Macau, Palo Alto Networks