Artificial intelligence in cyber security – IT Governance Blog

Cyber security has become a major priority for every organisation. The right controls and procedures must be put in place to detect potential attacks and protect against them. However, with the risk of a cyber attack increasing every year, how can you keep up with the ever-evolving threats?

What is Artificial Intelligence?

Artificial intelligence (AI) is the creation of intelligent machines that can learn from experience, allowing them to work and react as a human would. This technology enables computers to be trained to process large amounts of data and identify trends and patterns.

Such machine learning has been adopted in industries such as motoring, healthcare and retail. It will no doubt progress to many more, so what might this mean for cyber security?

The 2018 Cisco Annual Cybersecurity Report expects organisations to increase their use of encryption. However, to keep up, they will need to incorporate advanced tools – such as AI – to prevent, detect and remediate potential threats.

Security professionals are expected to spend more on tools that use AI and machine learning, which would help with the extra workload caused by the increasing risk of an attack, and improve defences.

Malware is often communicated within encrypted web traffic, and sensitive data sent through Cloud systems, so the relevant tools need to be put in place to detect and prevent the use of encryption for masking malicious activity.

Cisco’s report suggests that, over time, AI should be able to learn how to automatically detect unusual patterns in encrypted web traffic and Internet of things (IoT) environments. Ultimately, this would help improve network security defences.

Another big cyber security issue has been the skills gaps: organisations have not been able to find staff with the necessary skills. AI and machine learning tools would help overcome these gaps.

AI in the Cyber Security Industry 

AI seems to already have a place in the cyber security industry, with Barclays Africa using AI and machine learning to detect and respond to cyber security threats. Group CSO Kristen Davies said: “As the global threat landscape is advancing quite quickly, both in ability and collaboration on the attacker side, we really must use advanced tools and technologies to get ahead of the threat themselves.”

She added: “There is an enormous shortage of the critical skills that we need globally […] We’ve been aware of that coming for quite some time, and boy, is it ever upon us right now. We cannot continue to do things in a manual way.”

The Cisco report interviewed chief information security officers (CISOs), who said that they are keen to use AI and machine learning tools, and that their security infrastructure is growing in “sophistication and intelligence”. However, one problem with AI is the potentially high number of false positives, as this defies the point of decreasing the workload. With time, this number should decrease as the tools gain more experience.

There is evidently a place for AI and machine learning in cyber security. The complexity of cyber threats is increasing, making it harder to detect attacks, and harder still to protect against them.

Although AI is rapidly developing, organisations are still not safe from the risk of a cyber attack.

Cyber Security Audit

If there is room for improvement in your organisation’s cyber security, or if you are starting from scratch, the Cyber Security Audit service is ideal. It is also useful for organisations seeking assurance about the effectiveness of the controls they have deployed.

The Cyber Security Audit is one-day, entry-level service that will identify your organisation’s risks, vulnerabilities and threat exposure, and provide recommendations for improvement.