By Susan Rebner, CEO of Cyleron
Every second, minute and hour, companies are generating an enormous amount of data. Big data is inescapable, essential and under siege. As cloud-based and open-source applications continue rapid growth, data will be changing hands more often, therefore increasing the risk of a cyber-breach. Indeed, data has become an incredibly valuable asset and can easily be monetized by nefarious actors.
The U.S. government positions cyber as the fifth domain of warfare (land, air, space, sea and now cyber). According to a Gallup study, Americans are more worried about cybercrime than violent crimes (including terrorism). The report further states that 71 percent of Americans are worried about having their personal/financial information hacked and 67 percent of Americans are worried about being a victim of identity theft. Unfortunately, we expect to see a major breach in the news almost every day.
Cyber professionals, myself included, are now leveraging machine learning and artificial intelligence (AI), specifically machine learning (ML), in an attempt to anticipate and battle these unrelenting threats. The ML algorithms classify, cluster, forecast and analyze networks, endpoints, user behavior, emails, etc., primarily for purposes of detecting anomalous behavior. However, at the same time, cybercriminals are employing the very same technological advancements in ML to intensify their offensive cyber attacks in order to misrepresent, encrypt, obfuscate and steal.
An important topic of conversation surrounds adversarial machine learning and how bad actors seek to undermine ML model accuracy, performance, behavior, decision making, etc. Without question, it remains a constant and daily challenge for organizations to remain protected in the current digital space, even those considered to be at the forefront of employing advanced AI capabilities and programs.
Deep learning, a subset of machine learning, leverages massive datasets to learn and improve model accuracy while typically becoming more and more precise the more data it ingests. Deep learning's self-adaptive improvement capability relies upon nested, interconnected layers inspired by artificial neural networks (ANNs). Essentially, each layer within the network contains any number of artificial neurons that provide generalizable learning functions until the output is achieved.
Historically, security professionals struggled with attempting to make sense of the veritable tsunami of collected data in order to shore up a meaningful cyber defense posture. With deep learning's unique capability to quickly identify anomalies by detecting inconsistent and/or incongruous patterns and behaviors, malicious activity can be identified much more promptly and accurately. As impressive and promising as AI is within the realm of cybersecurity, organizations must continue to employ a multifaceted approach in order to truly remain reasonably protected.
Here are a few suggestions on where to get started with a strong overall cybersecurity framework:
- Strategize: Consider both your current state of protection, as well as your vision for future state. This means defining your vision, cyber strategy and road map, and developing a cyber plan from there.
- Invest and mobilize: Engage all company stakeholders and onboard resources. Ramp up projects, implement cyber software and prioritize cyber-focused education and training.
- Implement tools and technologies: Implement world-class firewalls, endpoint security software, network intrusion detection systems, encryption at rest and in transit, etc.
- Monitor, protect, detect: This means conducting consistent vulnerability testing and compliance monitoring.
- Respond, recover, report: Focus on incident response and awareness, business impact analysis and recovery strategy.
It is critical to continuously educate employees through rigorous training, system exploit exercises, information sharing, etc. In addition, companies should invest significant human and financial capital toward implementing best-in-class technologies and techniques. The digital landscape requires that organizations remain constantly vigilant and prepared for any number of threats across an ever-expanding threat landscape. Once again, even the most advanced artificial intelligence program(s) must be coupled with experienced human counterparts who can analyze and act upon the information provided.
That said, retaining and enriching in-house talent for cybersecurity, data science and machine learning should be made a top priority. The next decade will see a dramatic increase in capabilities along both offensive and defensive fronts, but the time is now to begin training and preparing. Indeed, I believe cybersecurity preparedness should be considered second only to organizational profitability.
Customers are beginning to expect more from companies that retain their sensitive personal data and have already begun "voting" with their wallets. Moreover, legislation will likely be enacted whereby significant penalties will be faced by companies who demonstrate egregious cyber-neglect or incompetence.
Susan Rebner is the CEO of Cyleron, an artificial intelligence enabled cybersecurity software and solutions company.