- April 18, 2018
- Posted by: jakir
With cyber attacks, including high-profile ones, occurring more and more often, organizations are now looking to artificial intelligence (AI), which includes machine learning technology and neural networks, as a solution and a new form of defense. This comes with an increasing loss of confidence in human abilities when compared with the infinite ability that machines have to constantly analyze threats and then respond almost immediately.
However, relying entirely on machines to keep a whole organization safe from cyber vulnerabilities and hackers overlooks one fundamental truth: cyber security is an arms race, and the skills and tech that one side possesses will ultimately be available to the other side. Simply put, the same machine technology that security experts are clamoring for will also soon be either adopted or co-opted by savvy hackers across the globe.
Furthermore, a lot of work still has to go into machine learning before it can be considered a robust form of cyber defense. Currently, machine learning has not completely demonstrated that it can satisfactorily handle every type of task thrown at it, but with more exposure to raw data and certain algorithms, it will ultimately learn. It is much like an image recognition tool: you show a machine several images of a dog, and the more images you show it, the greater its ability to spot a dog.
Therefore, it is apparent that machine learning can indeed be useful in cyber security: machines can help security teams quarantine high-risk threats in an organization and then move to improve the defenses for those kinds of threats. For instance, if an organization is at risk of fifty potential threats, a machine can classify those threats and prioritize them in order of severity, and then humans can step in to first work on resolving the most critical threats.
Machine Learning In Cyber Security
One of the common ways to implement machine learning in cyber security is by creating strong spam filters. Most times, threats to organizations come in the form of spam emails sent by hackers which are laced with malware. Once an unsuspecting employee opens a spam message that somehow escapes the grip of traditional anti-spam filters, there is a potential risk that the malware can spread into the whole organization’s network.
Adopting machine learning for email security is therefore a laudable decision: it can act as the all-important first line of defense against fraudulent, malware-filled and malicious spam emails. When you frame email filtering as a “classification” problem, machines can play a crucial role in separating the “good” emails from the “bad” emails. All you need to do is show the machines numerous examples of both “good” and “bad” emails, and they will then develop a 99% accuracy level in identifying them in the future.
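To make the "show it labelled examples" idea concrete, here is a small naive Bayes classifier, added as an illustration and not taken from the original post. The training messages, the `good`/`bad` labels and all function names are constructed for this example, and six messages are far too few for a real filter.

```python
import math
import re
from collections import Counter

# Constructed training set (labelled examples, not real mail).
TRAINING = [
    ("bad", "urgent invoice attached open the document to avoid account suspension"),
    ("bad", "your mailbox is full click here to verify your password now"),
    ("bad", "payment overdue download attached invoice and enable macros"),
    ("good", "agenda for the quarterly planning meeting on thursday"),
    ("good", "please review the attached design document before the meeting"),
    ("good", "lunch on friday to celebrate the release"),
]

def tokenize(text):
    return re.findall(r"[a-z']+", text.lower())

def train(examples):
    """Count words per class; returns the model used by classify()."""
    word_counts = {"good": Counter(), "bad": Counter()}
    doc_counts = Counter()
    for label, text in examples:
        doc_counts[label] += 1
        word_counts[label].update(tokenize(text))
    vocab = set(word_counts["good"]) | set(word_counts["bad"])
    return word_counts, doc_counts, vocab

def log_scores(model, text):
    """Log prior plus summed log likelihood of each known word, per class."""
    word_counts, doc_counts, vocab = model
    total_docs = sum(doc_counts.values())
    scores = {}
    for label in word_counts:
        total_words = sum(word_counts[label].values())
        score = math.log(doc_counts[label] / total_docs)
        for word in tokenize(text):
            if word not in vocab:
                continue  # unseen words carry no evidence either way
            # Laplace (+1) smoothing: a word absent from one class must not zero it out
            score += math.log((word_counts[label][word] + 1) / (total_words + len(vocab)))
        scores[label] = score
    return scores

def classify(model, text):
    scores = log_scores(model, text)
    return max(scores, key=scores.get)

MODEL = train(TRAINING)
```

The model only knows the words it was shown, so its quality depends entirely on how representative the labelled examples are of the mail the organization actually receives.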
Machine learning is also commonly used to identify unusual activity in an organization’s network traffic. For instance, an unusual rise in network activity might be an indicator of a looming cyber-attack (such as a DDoS attack). Similarly, unusual activity in an employee’s account might signal that the account has been compromised. The way you frame the problem to the machine is also crucial: organizations must be able to illustrate what “normal” is so that machines can accurately spot any form of unusual activity in the network’s traffic.
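The sketch below shows why the definition of "normal" matters: the same traffic volume is ordinary at 14:00 and anomalous at 03:00. It is an added example, not from the original post, and it uses a simple statistical baseline (per-hour median and MAD with a modified z-score) rather than a trained model; the history values, the hourly bucketing and the 3.5 threshold are assumptions chosen for illustration.

```python
import statistics
from collections import defaultdict

# Constructed history: (hour_of_day, requests_per_minute) samples from "normal" days.
HISTORY = [(3, v) for v in (40, 42, 38, 45, 41, 39, 43)] + \
          [(14, v) for v in (900, 950, 880, 1010, 930, 970, 905)]

def build_baseline(history):
    """Per-hour median and MAD; this baseline is the definition of 'normal'."""
    by_hour = defaultdict(list)
    for hour, value in history:
        by_hour[hour].append(value)
    baseline = {}
    for hour, values in by_hour.items():
        med = statistics.median(values)
        mad = statistics.median(abs(v - med) for v in values)
        baseline[hour] = (med, mad)
    return baseline

def robust_z(baseline, hour, value):
    """Modified z-score (0.6745 * deviation / MAD); None if the hour has no baseline."""
    if hour not in baseline:
        return None
    med, mad = baseline[hour]
    mad = max(mad, 1.0)  # floor so a perfectly flat baseline does not divide by zero
    return 0.6745 * (value - med) / mad

def is_anomalous(baseline, hour, value, threshold=3.5):
    z = robust_z(baseline, hour, value)
    # An hour never seen in the history is surfaced for review, not silently passed.
    return True if z is None else abs(z) > threshold

BASELINE = build_baseline(HISTORY)
```

Median and MAD are used instead of mean and standard deviation so that a few outliers already present in the history do not inflate the baseline and hide later spikes.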
Cyber Security & The Enterprise
Technology research firm Gartner, in a bid to ignite more studies into cyber security by experts, has proposed a PPDR model, which is in line with the numerous uses of machine learning for cyber security within an enterprise:
In truth, organizations can predict future attacks using machine learning technology, prevent these attacks, spot potential threats and respond appropriately. With the appropriate machine learning algorithms, experts predict that it may be feasible to protect even the biggest and most vulnerable organizations from cyber-attacks. In this age where data is rife, and where organizations must learn to adequately manage and protect it, it comes as no surprise that they are looking to machines for security.
Obviously, there is a massive amount of potential for cyber security and machine learning in an enterprise. Some experts have opined that by the year 2020, companies will have spent a combined amount of around $655 billion on cyber security, and some have even placed the figure at around $1 trillion.
If companies spend that much money on cyber security, they will want to be guaranteed that their investments in machine learning will actually pay off. Before machine learning can match the hype being showered on it, it will first need to provide a thorough security solution that covers every potential security flaw for companies, including, but not limited to, the network itself, all applications, all endpoints and all users. That’s a big ask, but more and more organizations are getting pretty confident that machines will rise to the occasion.
At Redsploit we offer a variety of services that will ensure unexpected things can be avoided. From penetration tests to vulnerability scanning and management, we provide first-hand solutions that give early warning to minimize the risk of new vulnerabilities affecting your assets. Call us today for a free consultation and learn how we can provide you with the security and peace of mind your company deserves.