For CIOs and Chief Information Security Officers (CISOs), one of the lessons of 2020 is that the organisation is continually vulnerable from cyber threats. The rush to remote work made this apparent.
Organisations have had to change their IT security paradigms. It was not just a rush to get computing devices to everyone that needed it as part of their jobs, it was also making sure that the connectivity between the device and the enterprise remained secure. But more than that, it was making sure this same connectivity is resilient from attack as employees settle to the new normal – a hybrid working model. In cybersecurity there is no room for complacency.
To complicate the security paradigm for enterprises, Gartner says the increasingly large and puzzling security product landscape makes it a major challenge to pick an effective and cost-efficient mix of controls.
“Unified cybersecurity platforms aim to simplify deployment, but lead to new challenges in the larger security architecture. Resourcing for operation remains challenging, noted the analyst in the report 2021 Planning Guide for Security and Risk Management.
To begin with, Aurora says enterprises are combating extremely fast, evolving, stealthy, sophisticated cyber-attacks or cyber threats. He added that the definition of the network post-pandemic has completely changed. He opined that work from home (WFH) has put extreme pressure on legacy approaches to the cyber defence of companies.
Advocating autonomous technology as a defence mechanism
“A legacy approach tries to define based on rules and signatures – what's good, what's bad, what can be allowed what looks like a good activity, whereas that doesn't work, because as you can see how the attackers can very easily deceive these controls that we have been put in,” commented Aurora.
The use of Cyber AI reveals what he called “the pattern of life as to how organisations, how devices and how traffic works. “Based on clever AI and math algorithms, we understand 'self'. This self-learning and continuously self-learning ability or technology allows us to then detect those deviations and understand those early symptoms of larger threats,” he added. “Using self-learning technology, we are able to detect those very subtle, sophisticated or even fast moving and very brazen ransomware attacks which are new and novel. When I say new and novel, there are no signatures or they have been cleverly been able to deceive the normal system that you have put in.”
According to Aurora, a cyber AI platform can respond autonomously in seconds. Upon detecting an anomaly, the autonomous response takes surgical action against the threat. This allows the human teams as he calls them to focus on other areas. From a security standpoint, the addition of a cyber AI tool allows the human response team is be everywhere on the dot every time (in theory).
“Organisations have realized that they have to turn their attention towards self-learning technology, which is easy, which can be dropped everywhere, because the network is everywhere. The digital assets are everywhere, people dynamic workforce is everywhere. And it works on the same core principle, which is self-learning, like our human body's immune system. Once you learn self, then based on anomalies, based on abnormal behaviour, we are able to surgically respond to those threats, which other systems are just not capable of."Sanjay Aurora
Are regulators ready for AI
Aurora claims that many of its customers are in the financial services industries – a highly regulated market segment. Perhaps the extent to which these organisations are continually attacked has warranted the use of many approaches to countering threats to the institutions, its customers and the industry, that these are willing to use autonomous solutions in the defence against cyberthreats.
Aurora says autonomous solutions can be configured to make “surgical responses” to a threat leaving out the rest of the organisation.
Out with the old?
Asked whether the introduction of an AI platform would mean mothballing legacy cyber security solutions as part of a revamping of an organisation’s threat policy and practice, he doesn’t see it that way – 100%.
Aurora says customers are not reducing their cybersecurity thought processes or budgets. However, CISOs and CIOs are asking the question: will we do more of the same?
According to Aurora, as organisations further understanding how self-learning works, they are more open to introducing these new techniques as part of their cyber defence posture.
In the race to introduce new technologies to augment existing practices, Gartner acknowledges that advanced technologies enable stronger protection and quicker detection of and response to incidents. But the analyst offers a word of caution: “They cannot compensate for immature practices or a lack of skilled personnel. These technologies often demand advanced skills — in-house or outsourced — to design and operate.”
Click on the podchat player above and listen to Aurora talk about protecting your dynamic workforce with cyber AI.
- How are APAC enterprises combating cyber threats?
- Why are you advocating autonomous technology in the fight against cyberthreats?
- How would an AI-powered cyber defence strategy work?
- Given that most enterprises likely have a combination of defence-on-depth and zero-trust strategy/framework in place, where does this AI-powered defence solution be inserted? How do you insert it?
- AI in a regulated industry – pre-defined scope under which the AI will work.
- Given that IT budgets in 2021 will decline on the back of lower revenue than 2019, do you see an AI-powered defence solution as displacing certain cybersecurity solutions? If yes, which ones?
- Given the escalating nature of cyber defence, what is a realistic strategy for CIOs/CISOs to adopt that reflects the nature of their business?
- The problem with emerging technologies is the lack of skills familiar with the new tech and way of work. How will HR and CIOs address this skills shortage?