Cyber security is one of the greatest technical challenges of today. Limitless data and complex networks means there is too much happening, too rapidly, for traditional information approaches to cope with.
The threat landscape has changed from classic information theft to sophisticated and fatal attacks that can halt business within minutes and crucify reputation thereafter.
The rampant spread of IoT devices, bring-your-own-device policies and insider threat – malevolent or unintended – now add a complexity that requires intelligent management systems. Providing constant vigilance against threats and vulnerabilities, machine learning (ML) and Artificial Intelligence (AI) technologies at the security layer are the next generation custodians for networks.
An intelligent cyber security system
These latest advancements autonomously identify and react to emerging attacks in the moment, arming organisations so that security can stay ahead of both fast-spreading threats, and those that are biding time, skulking silently, in the dark virtual crevices of networks.
In contrast to legacy security, machine learning prospers on network complexity and data volume. Human involvement or data training is not required. Intelligent learning of what is ‘usual’ for each network is unhindered by over confidence or predetermined ideas of security. It just gets on with the important business of detecting abnormalities and mitigating threats, faster and better than the models of today – encumbered as they are, by humans.
Time to absolve people of the burden?
There is conflicting opinion that employees are either the most effective link or the weakest chink in an organisation’s defence. Policy and/or common sense dictate it prudent to continue with some form of security awareness training but with the proliferation of connected devices and their unmanaged usage it is unrealistic – nigh impossible – for employees, IT or security teams, to manually identify and stop risky activity.
It’s time to accept that security issues aren’t user interaction problems; they’re device and system interaction problems – complex and increasingly beyond the reach of legacy solutions.
Increased reliance on intelligent technologies and automation cannot be avoided. To defend networks from the inside out, cyber security systems should be intelligent enough to:
- Work without human supervision – knowing when and how to take proactive or defensive action for the ‘health ‘of the organisation.
- Spot all connected devices – and the vulnerabilities they introduce; approve and deny access to networks, and learn from constantly evolving conditions to become more effective over time.
- Take action – autonomously slow down or stop a threatening connection by generating precise, targeted remedial action and prevent infections such as ransomware from spreading and inflicting damage.
Cyber criminals are targeting organisations from every direction and channel, with IoT creating a significantly larger attack surface. Organisations who think employee cyber awareness training, an updated database, secure firewall and patched OpenSSL constitutes defence, are labouring under a false sense of security.