It’s become increasingly common nowadays for cybersecurity companies to market their products and solutions as AI-based. After all, if cybercriminals are getting smarter, then businesses will need smarter defenses to counter them. And which of us working down in the trenches of the IT profession can say we can keep up with the flood of new malware, vulnerabilities, and threats? The cyber landscape seems to be growing more dangerous each week, and there’s no way you or I can learn all we need to know about these dangers and how to repel, mitigate or sidestep them.
Enter artificial intelligence (AI) into the room. The idea here is to have someone help you secure your environment who knows tons more and can think and act smarter than us poor humans ever can. But is it really true that a cybersecurity solution can “think” like a human being only faster and better? Not really, because AI is just applied math running on lots and lots of very fast processing cores — not at all like the grey mushy stuff inside our skulls. So, it’s just another buzzword in an industry overwhelmed with buzzwords vying for the attention of business decision-makers who have authority for purchasing IT solutions for their organization.
On the other hand, the amount of information that needs to be ingested nowadays to ensure our infrastructures are secure is way beyond what the typical IT department or sole IT person can deal with. IT needs cybersecurity tools to help them navigate this ocean of data to identify threats and counter them before things get out of control. So, whether you call it AI or machine learning or deep learning or applied multivariate linear regression or whatever, what we do definitely need today are tools to help us keep our data safe and networks secure.
Martin Urwaleck knows this and has been taking steps to ensure the IT environment he manages stays safe as cybersecurity threats multiply around us in our connected world. Martin has been working in IT for more than two decades and was previously head of desktop and shop operations for a company in Hamburg, Germany. He now resides in Vienna, Austria, where he manages the IT operations for a public company. Martin recently implemented an AI-driven cybersecurity solution from a UK-based company called Darktrace to enhance the security of his IT environment, and I talked with him about what his concerns are in the cybersecurity area, why he chose Darktrace, and what he thinks of this growing emphasis on AI being the way forward for securing networks and data.
MITCH: Martin, how has your IT environment changed in recent years that caused you to look for a new cybersecurity solution to implement?
MARTIN: Initially, we had a clear boundary — good was internal, bad was external. With the introduction of Exchange Online, we used the same email security as our internal Notes, but the server was external — so we pushed the good/bad boundary for one application to somewhere in the cloud. Our next step was the introduction of O365 — now we had OneDrive, SharePoint Online, and Exchange Online in use — and pushed the boundary again. Our next step was to move our webserver from the DMZ to Azure — guess what happened to our boundary!
Our first line of defense was a border firewall, and then we had some AV on the users’ systems. Our first step was to secure the user’s system — so we implemented a 5th-generation AV solution, SentinelOne. However, I had to find a solution to secure the rest that was my internal network before — and all the new stuff in the cloud.
MITCH: Have there also been any changes in the cyber-threat landscape that have motivated you to strengthen the cybersecurity posture of the company where you work?
MARTIN: Changes in the cyber-threat landscape helped me to get more budget for that topic! But it didn’t influence our opinion and ideas as IT management for the next cybersecurity steps for our company. It just helped to speed up everything.
MITCH: What appealed to you about Darktrace that led you to choose their approach for bolstering your company’s cybersecurity defenses?
MARTIN: Darktrace’s approach is AI-based and allows you to add data from other systems to improve the overall view on our security. I can use Darktrace to actively change firewall rules, etc., depending on the attack scenario. And Darktrace gets in touch with me when they notice something’s going on at my sites — a little bit like a SOC. Besides, it’s a European company, and my partners are located in the Netherlands, so no time zone issues.
MITCH: What products or solutions from Darktrace have you decided to use?
MARTIN: We are currently using Enterprise Immune System, Antigena Email, M365 SaaS Module.
MITCH: What has been your experience using their products/solutions?
MARTIN: Darktrace gave — and gives — me a perfect customer experience. The presales team that worked first with me and then with my team is the same as the post-sales team. I got answers to all of my questions and requirements from them and get continuous support to improve the quality of the analytics. And support is based in Europe — so I have no time zone issues.
MITCH: Do Darktrace’s offerings integrate well with the existing cybersecurity defenses and processes you have in place at your company?
MARTIN: Yes — we are currently adding the SentinelOne logs to Darktrace and will add our border firewall logs in the next step.
MITCH: Darktrace declares themselves on their website to be “world leaders in self-learning AI” as it applies to cyber-defense. How important do you feel artificial intelligence technologies will be in the future for safeguarding the IT infrastructure and data of businesses and organizations?
MARTIN: Personally, I don’t like the term AI. There’s no intelligence — it’s just algorithms. But deep learning or AI is the only chance to ingest the enormous amount of information to correlate and interpret — whether it’s business data or security data. So AI use will increase with the number of our data points used.
MITCH: Thank you again for sharing your expertise with our readers here on TechGenix.
MARTIN: You’re welcome.