FEATURE: ARTIFICIAL INTELLIGENCE
//////////////////////////////////////////////////////////////////////
There is little doubt that the Today, on the other hand, anyone can
increasing sophistication of launch a DDoS attack, as hacking toolkits
are freely available online and thousands
cyberattacks has resulted of tutorials are accessible on social media.
in the need to adopt new As the attack surface area expands, and
approaches. Dr Alex Tarter, thousands more hackers get in on the
CTO at Thales Cyber and action, threat detection is becoming far
Consulting, discusses whether more complex, with IT experts being
Artificial Intelligence has a forced to deal with protecting near-infinite
amounts of data.
key role to play in the battle
against cybercriminals. How can CISOs use AI to
H
How have cyberattack
techniques of recent years
become increasingly difficult
to detect?
Cyberattacks are getting harder to detect
for two key reasons. Firstly, technology has
evolved to more closely align with how a
business operates. The adoption of mobile
phones, tablets and IoT devices as part of
Digital Transformation strategies has opened
companies up to connect with more people
outside their organisation.
reduce the time to detect
the cyberthreats facing
their company?
Discovering an unknown cyberthreat is
like trying to find one signal in a whole lot
of noise; most of this noise is legitimate,
meaning the overwhelming minority of
malicious activity is like finding a needle in
a haystack.
AI can be most effective through two
methods: unsupervised and supervised
Machine Learning. Unsupervised learning
involves humans asking the AI for advice on
where their attention should be focused in
order to find the ‘needle’.
Huge amounts of data is being shared
with external parties as businesses turn to
technology to boost their revenue streams.
As a result, hackers are operating with larger
attack surface areas and their activities are
harder to detect, with much of it lost in this
increased data network. Essentially, asking it to search for anomalies
within large, generic data sets. Anomalies
aren’t always malicious though, and
hackers are generally quite effective at
masquerading their activities as legitimate,
but these processes can help uncover new
types of attack.
Alongside this, the threat community is
rapidly growing as it becomes easier to
launch reproducible and unsophisticated
attacks. Hacking once took dedication and
expertise, with zero-day attacks targeting
mostly unknown vulnerabilities. Supervised Machine Learning algorithms are
key in detecting known cyberattacks.
Human experts can feed trainer data into
the AI, using algorithms that represent good,
legitimate, and known malicious behaviour.
AI can’t answer every
security problem
. . . but it’s still a must-have
40
INTELLIGENTCIO
www.intelligentcio.com