Today, organizations have digital networks that are larger and more complex than ever with no signs of slowing. With the massive growth of cloud, mobile, and Internet of Things (IoT) devices being interconnected to an enterprise come a larger, more susceptible surface vulnerable to an attack. This large mass of connected devices flowing into corporate enterprises creates a prime environment for hackers and cyber criminals.
IoT devices alone are coming into the marketplace at an unprecedented rate. According to the 2017 Internet of Things Report by Business Insider, the marketplace is expected to see an increase of more than 22 billion new IoTdevices in use by 2021. Companies are expected to spend almost 5 trillion dollars on IoT devices alone, according to the same report. Many of these devices are delivered to the end user with factory-set, hard-coded passwords making them a weak point in a network’s security.
In February of 2017 Vizio settled a $2.2 million lawsuit alleging that Vizio collected customers’ TV-watching habits without their knowledge or permission.
In August of this year, it was reported that Disney apps were collecting data on children through IoT devices.
Experts have expressed concern with Amazon’s Echo, stating that it could become an attacker’s listening device.
A recent experiment showed that IoT devices are his by a credential attack every two minutes.
These new technologies offer indisputable conveniences like mobility and automation, and will only continue to grow in use and function. Businesses need to look to new technologies, like Artificial Intelligence and Machine Learning, for effective protection as these businesses continue to broaden their perimeter.
AI and Machine Learning are being applied to more industries and applications than ever before as data collection, storage capabilities, and computing power increase. AI’s impact on cybersecurity means that attacks and weaknesses can be analyzed and improved upon in order to mitigate future attacks. Using AI in the battle against cyber criminals is a promising tool that could help slow down the increase we are seeing in data breaches globally. One of the biggest challenges cybersecurity firms face is the ability to see what is happening in and around the IT infrastructures they are working to protect.
Enormous amounts of data are being collected through incident logs. Challenges persist determining where all the corporate data lives, who has access to it and what those users are doing with it. These data logs are amassing daily, totaling hundreds of millions of logs every single week. Machine learning and Artificial intelligence provide the ability to siphon through mountains of data looking for potential threats in a fraction of the time while improving its continual effectiveness via the data it is collecting. The automation that AI provides proves to be useful in removing the most time-consuming tasks from the data security equation. Behaviors of authorized users, accounts, and other activities on a network can be observed by AI, which can then identify deviations from normal behaviors. Machine learning algorithms can continually adjust its baseline while continually adapting to ever-changing risk to the environment.
With the rise of cybersecurity attacks, AI provides a formidable tool to help keep pace with the increase in global cyber attacks. Unfortunately, AI and Machine learning have their faults and are still far from an end all be all solution. Artificial Intelligence by nature needs human interaction and training to continue to improve and correct for false positives and new cyber criminal innovations. The ownership and use of AI, unfortunately, isn’t exclusive to those working to protect networks.
Cybercrime is a big business and isn’t going away anytime soon. Cyber criminals will invest in tools and technologies for an increase in successful attacks. More successful attacks equate to more profitability. We are seeing a significant increase in ransomware attacks, many of these using machine learning to improve capabilities and likelihood of successful attacks. AI is even being incorporated into phishing attacks to mimic writing styles of colleagues and friends. We are entering an era of machine vs machine in the world of cyber security. In an effort to keep pace with increasing attacks businesses will need to collaborate and innovate ensuring that AI applications designed to protect are learning at a much faster rate than those that are learning to attack.
In August of 2017 a bipartisan legislation titled “IoT Cybersecurity Act of 2017” was introduced. A fact sheet pertaining to the proposed bill released by the Senators states, “While IoT devices and the data they transmit present enormous benefits to consumers, the relative insecurity of these devices presents enormous challenges. This legislation is aimed at addressing the market failure by establishing minimum security requirements for federal procurements of connected devices.”
For more information about the 5thColumns full suite of data security services and products and how we incorporate AI into our security solutions, please fill out the demo portal on our website and one of our data security specialists will get in contact with you shortly.