Cyber Security & Cloud

Why AI is the future of Cyber Security

7 trillion Cyber threats were blocked by CISCO alone during 2018. This number is staggering. It is widely accepted that in the internet age a hacker’s ability to access important information and cause harm remotely means that it is imperative for organisations to bolster their security capabilities to protect data and assets. But how is another question.

Over recent years we have seen greater numbers of organisations turning to Artificial Intelligence (AI) to enhance user experience, increase productivity and boost sales. Now companies are also turning to AI assist with their Cyber Security needs as well.

Capgemini Research Institute has written a report Reinventing Cybersecurity with Artificial Intelligence where they surveyed 850 Senior Executives from IT Information Security, Cybersecurity and IT Operations in 10 countries, across seven sectors including; Telecoms, Automotive, Consumer Products, Utilities, Banking, Retail and Insurance.

- 61% of those surveyed said they would not be able to identify a critical threat without AI

- 69% of organisations surveyed said they will not be able to respond to Cyber Attacks without AI - with the Telecoms industry being the highest sector looking to AI to thwart attacks at 80%

- 48% said that their budget for AI in Cyber Security will increase in 2020

Cyber Security attacks are costing organisations millions, with 20% of those surveyed reporting losses of over $50,000,000. With the Telecoms industry showing the highest loss. These figures clearly only strengthen the need for another way to defend against costly breaches.

With the rise of technology-based products within the banking industry it is unsurprising to see that 75% of organisations surveyed within that sector are looking to other forms of Technology - AI, Machine and Deep Learning to help identity these threats.

One in five companies stated they had already adopted AI pre-2019. These numbers are looking to skyrocket, with 63% stating they are looking to utilise AI by 2020. Network Security is already utilising it and is set to be the highest adopter of AI over the next two years.  This is unsurprising given its importance to any IT system.  In fact, 75% of organisations stated that they use AI in this area. Data Security was a close second at 71% - again unsurprising given how important the information is and its valuable appeal to hackers. With endpoint devices looking to increase to 25,000,000 by 2021 it is clear why endpoint device security is third at 68%.

Given that the use of AI within Cyber Security is still relatively a new feature it is expected that 51% of executives are focusing budgets around the detection of threats over prediction and response. However, as we see the adoption of AI and Machine Learning grow within Cyber Security, it is likely that there will be a shift towards using these methods to predict and respond to threats. “Currently response processes tend to be very rule-based,” explains Stephen Schmidt - CISO, AWS. “We will get better when the response platforms can take a generic input and produce a broader output. For example, if you see an attack proceed against one machine, then respond by blocking that attacker on all machines which are similarly situated.”

As Technology evolves, so does the complexity and volume of cyber risks. Therefore, organisations are already looking to other avenues to shore up their Cyber Security. Many companies have already adopted AI in Cyber to mitigate these challenges and it is likely that in 2020 we will see a sharp rise in numbers of organisations utilising this technology to detect, predict and respond to threats.

The challenge now facing the industry is one of a talent shortage.  With much of this technology relatively new, the number of technology professionals with the skills is far below the demand required.  And with new technologies being released regularly, companies are reticent to upskill their people for fear that they will move on elsewhere, taking that knowledge with them.

There are several steps organisations will need to take to see the potential and return from using AI within Cyber Security;

- Identify where AI can bring the most value

- Collaborate to make sure your organisation is up to date on ways to implement AI

- Train staff to make sure they know how to deploy the algorithm

- Install Governance to make sure you get the expected outcome

- Identify recruitment partners who will support your hiring needs and work with you on your strategy

- Develop a hiring strategy which will protect your short, medium and long-term human capital requirements

- Focus on retention of key employees.

AI is not going away, and neither is the need for greater sophistication in tackling cyber security issues. Organisations are putting more resources behind it, but the key is making sure that investment delivers a return.