If you have anything to do with the world of business, you have heard and read a lot about cybercrime and cybersecurity in the recent past. Concerns around the state of cybersecurity are at an all-time high, particularly now that the world has witnessed the potential impact of security breaches (WannaCry!). Make no mistake about it, cybersecurity has grown in importance and capabilities; IT can protect businesses from thousands of potential risks, breaches, and cybercrimes. The problem is — cybercriminals seem to be outpacing the growth of cybersecurity. The impact — businesses have to invest millions into research and talent acquisition to be able to protect their digital assets. Does using technology such as artificial intelligence for automated cybersecurity make sense?
Fusion of cybersecurity and artificial intelligence
AI is another term that seems to be at the tip of everyone’s tongues these days. Deep learning algorithms that make advanced machine learning a reality, Big Data as service models that make analytics affordable for businesses of all scales and sizes, and liberal IT budgets allocated for AI projects — all mean that AI is an important part of the digital transformation strategy of every enterprise. So, it was only a matter of time before the two forces were expected to fuse together and create a potential solution for the seemingly indomitable problem of cybercrime: automated cybersecurity.
In this guide, we’ll explore the benefits of automated cybersecurity initiatives, a key acquisition that indicates toward the positive outlook for AI-powered cybersecurity and will round things up with a list of possible downsides of such an approach.
Current pain-points with cybersecurity
Here are the main obstacles to incorporating a strong cybersecurity policy, as it stands today.
- A modern enterprise has just too many IT systems, spread across geographies. Manual tracking of the health of these systems, even when they operate in a highly integrated manner, poses massive challenges.
- For most businesses, the only practical method of embracing advanced (and expensive) cybersecurity technologies is to prioritize their IT systems and cover those that they deem critical for business continuity.
- Currently, cybersecurity is reactive. That is to say that in most cases, it helps alert IT staff about data breaches, identity theft, suspicious applications, and suspicious activities. So, cybersecurity is currently more of an enabler of disaster management and mitigation. This leaves a crucial question unanswered — what about not letting cybercrime happen at all?
AI-powered automated cybersecurity in threat prevention and mitigation
Manual management of cybersecurity aspects of enterprise IT is tedious, time-consuming, and almost always repetitive. That’s because the basic security policies to be implemented for most systems and applications are similar, if not exactly the same. However, most of these have different people taking care of cybersecurity aspects. The result is there are too many employees performing similar jobs, implementing similar policies for applications and processes. Instead, automated cybersecurity can implement these policies across applications with reliable effectiveness. Not only does this reduce the cybersecurity housekeeping resources you need, but it also delivers massive benefits when your CIO tells your team to update policies across systems. This makes AI-powered automated cybersecurity a key step toward streamlining processes.
An enterprise owns digital assets spread across several asset classes. Among these, business applications are the most critical in terms of cybersecurity requirements. However, the common denominator for most applications ends here. In terms of their code bases, UI and UX designs, interfaces, and target user bases, all of them differ massively from each other. This makes it next to impossible for enterprise IT to go for simplified one-size-fits-all cybersecurity implementations. Here, rule-based cybersecurity settings, workflows, and functionalities can provide a scalable solution. And that’s what AI-powered automated cybersecurity has to offer.
We mentioned the problem of effort duplication. Too often, IT managers give in to the temptation of asking their people to perform these duplicate efforts, resulting in stress, frustration, and worse still, errors! Need we say anything further? The one IT area where an error could easily translate into doom for business is cybersecurity.
Microsoft’s acquisition of Hexadite
In June 2017, Microsoft announced that it had acquired a U.S.-Israeli AI-powered cybersecurity firm Hexadite. Reports suggest that the acquisition cost $100 million. Hexadite’s Automated Incident Response Solution (AIRS) technology is made to check alerts and execute remedial steps with near-zero human intervention. Microsoft is looking to include this technology in its plans as far as AI-based cybersecurity is concerned. The word around is that Microsoft will include Hexadite’s technology as a part of its Windows Defender Advanced Threat Protection product (it’s used for zero-day attack detection and anti-ransomware operations). This acquisition and Microsoft’s press releases indicate that AI-based cybersecurity is already on the radars of tech innovators.
Here’s a quick mention of some risks and challenges associated with AI-based automated cybersecurity:
- Like every force of automation, AI-based cybersecurity will bring in questions of potential job loss or reassigning existing cybersecurity personnel; this makes it a tricky affair for enterprise IT to manage.
- There’s always a sense of discomfort with the idea of trusting a purely automated system, more so when it’s cybersecurity automation we’re talking about. Enterprises need to manage this perceived loss of control.
- Purchasing advanced cybersecurity technologies can be difficult because there are not many AI-based systems for purchase yet. This creates risks of overspending.
AI is changing the most traditional of technological systems and fueling the creation of new ones. Cybersecurity is no different. AI is set to play an increasingly important role in using automated cybersecurity to make enterprises secure from the ever-increasing risk and threats posed by cybercriminals.
Photo credit: Shutterstock