By Enterprise Security Magazine | Thursday, March 05, 2020
No matter how hard humans try, they are unable to keep up with the data processing, analysis, and other tasks needed to prevent an attack that is when artificial intelligence (AI) and its subset learning must be implemented.
Fremont, CA: Organizations can leverage AI capabilities to monitor and analyze huge amounts of data to establish what normal behavior is what should be flagged. It also helps the security teams in reviewing this ever-increasing pool of data. Risk-adaptive authentication can be used as the first line of defense to prevent hackers from getting into the system. It uses AI to adapt authentication proportional to the risk of login, which will require a stronger authentication for greater-risk transactions, where low-risk transactions authenticate in the usual way. If the hackers get in the system, then User and Entity Behavioral Analytic system (UEBA) is the second line of defense. They use AI to provide in-depth analytics of user and device behavior to create a normal baseline and flag anomalies. But both risk-adaptive authentication and UEBA systems are unable to analyze and monitor vast amounts of data quickly so that they can detect potential threats in real-time.
Malicious AI and Data
The cyber attackers are also trying to overshadow their abnormal behavior from the AI systems, and their first tactic is to swamp the system with inputs, to hide what normal data trends and patterns are. There are examples of malicious AI usage in biometric authentication. Last year a company was scammed into a massive wire transfer by an attacker who had spoofed the voice of the CEO while talking to the financial analyst.
Predicting the Future Attacks
This is one of the areas for real development in the upcoming years. When the AI system understands how and when the attacks occurred in the past, the next step will be to predict future attacks. Utilizing temporal analytics as well as structured and unstructured data analysis and integration, the companies can build complex social media and other open-source intelligence models to predict future attacks.
Many businesses still hesitate to invest in AI; there are few ways how they can protect themselves. To start with, they should ensure that the organization’s vendor is using AI or machine learning in ways that will enable the organization to take advantage; this is easier than developing their propriety AI algorithms. Then educate the employees about how phishing and social engineering attacks are getting sophisticated. Lastly, they should protect their access points, preventing hackers from getting past the first line of defense.
see also: Top Artificial Intelligence Solution Companies in UK
Credit: Google News