Why companies should be using AI to fight cyberattacks

Cyberattackers use AI, so why not apply it as a protection? One skilled explains why AI can take your cybersecurity to the subsequent degree of safety.


Picture: iStockPhoto/maxkabakov

In any debate, there are at all times a minimum of two sides. That reasoning additionally applies as to if or not it’s a good suggestion to make use of synthetic intelligence expertise to strive stemming some great benefits of cybercriminals who’re already utilizing AI to enhance their success ratio. 

SEE: Google Chrome: Safety and UI ideas that you must know  (TechRepublic Premium)

In an electronic mail change, I requested Ramprakash Ramamoorthy, director of analysis at ManageEngine, a division of Zoho Company, for his ideas on the matter. Ramamoorthy is firmly on the affirmative aspect for utilizing AI to combat cybercrime. He stated, “The one method to fight cybercriminals utilizing AI-enhanced assaults is to combat fireplace with fireplace and make use of AI countermeasures.”

Why select AI in cybersecurity?

An apparent query is: Why add one other costly expertise to an organization’s cybersecurity platform, particularly in a division that many higher administration sorts contemplate to have a horrible return on funding? Ramamoorthy supplied the next causes:

  • Enterprise safety and privateness practices have change into the illustration of the trustworthiness of a enterprise. A safety breach or free privateness practices would possibly injury a corporation’s popularity to the extent that it might drive away prospects to opponents, regardless of the competitiveness of your providing.
  • It is solely honest that you just put your finest foot ahead to ensure you keep on prime of the cybersecurity sport. Deploying evolving applied sciences like AI into your safety practices can ship sturdy alerts to your prospects that you’ve got been taking them very significantly, and also you’re in it for the long run.

In addition to sustaining an excellent public picture, Ramamoorthy stated he believes AI can assist a corporation keep forward of cyberattackers. Everyone knows the pandemic world has democratized entry to delicate information. Confidential data is now not restricted to personal networks or company gadgets however might be accessed from wherever on any gadget. 

“This provides hackers a number of potential entry factors to entry your confidential enterprise information illegally,” Ramamoorthy stated. “Attackers use highly effective strategies like AI to use unsuspecting end-users to realize entry to privileged data by compromising stated entry factors.”

SEE: Password breach: Why popular culture and passwords do not combine (free PDF) (TechRepublic)

One other drawback is that conventional (non-AI) safety approaches have at all times labored primarily based on static thresholds. Attackers can sport the system by flying beneath the radar of static thresholds.

With that in thoughts, Ramamoorthy then requested why organizations aren’t utilizing the identical expertise to combat again? The time is ripe for upping the safety and privateness safety sport with the assistance of AI. Ramamoorthy supplied a number of real-world cyberattack situations and the way AI would help cybercrime-fighters.

  1. Instance: A corporation with a SIEM answer has it set to alert when the variety of failed logins to entry proprietary data reaches ten per minute. A brute-forcing attacker can nonetheless do 9 failed logins per minute and stroll away unidentified.
    Answer: Set elastic thresholds with minimal-to-no human intervention. Additionally, AI can monitor login patterns and arrange thresholds relying on a number of variables like time of day, day of the week, and different latest traits in data entry. For instance, a Monday morning at 9 AM and a Saturday morning at 3 AM would possibly want completely different thresholds.
  2. Instance: An ill-configured threshold might result in alert fatigue to whomever is answerable for monitoring SIEM system alerts. 
    Answer: AI can mitigate alert fatigue by figuring out frequent, uncommon, unseen patterns and setting the alert precedence accordingly.
  3. Instance: It’s practically inconceivable for cybersecurity personnel to watch entry to each potential ransomware and phishing web site. 
    Answer: AI might be deployed at endpoints to assist establish and quarantine malicious web sites, thereby enabling higher data-access practices mixed with strategies like multifactor authentication and zero-trust safety.

Can AI enhance safety of knowledge saved within the cloud?

Ramamoorthy stated he believes AI can guarantee higher safety throughout the tech stack—from cloud deployments to endpoints accessing information. “Rule-based programs may not be capable to catch safety vulnerabilities throughout the stack and would possibly want complicated guidelines to be written and maintained over time,” Ramamoorthy stated. “With AI, the thresholds are mechanically set relying on the pattern and seasonal patterns within the information.”

He continued, “On the cloud degree, AI can restrict entry to privileged data and keep away from varied assaults like Distributed Denial of Companies, zero-day exploits, and many others.”

What to search for in AI-security options

In line with Ramamoorthy, you will need to guarantee the chosen AI answer envelopes in your entire stack. Additionally, SIEM merchandise with AI-based UEBA (Person and Entity Conduct Evaluation) instruments would assist make sure the safety of crucial programs.

He additionally famous endpoint-protection merchandise are beginning to embrace AI-based options reminiscent of ransomware identification and malware mitigation.

Deploy AI capabilities sooner fairly than later

Ramamoorthy instructed utilizing AI in cybersecurity is a wonderful method to keep away from being the lowest-hanging fruit on the digital tree, as not many organizations are actually using AI cybersecurity options. That’s not true with cybercriminals; they’re eager on AI and deploying extra AI-enhanced cyberattack expertise day-after-day.

There’s a cause Ramamoorthy used the examples he did. He defined why in his parting feedback: “Embracing AI-based UEBA modules as a part of a corporation’s SIEM answer needs to be step one, as it’s a useful manner of monitoring customers and entities, in addition to figuring out suspicious patterns early on.”

Additionally see

Recent Articles


Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox