How artificial intelligence is influencing the cybersecurity world – DATAQUEST

Cybersecurity is a strategic challenge for global enterprises today. The rapid digitization, accelerated by the pandemic, has brought forth an expansion in the attack surface thereby stressing on the need for more autonomous cybersecurity defenses. Many CISOs are making a fundamental shift to an interconnected and perimeter-less ecosystem. They are moving from siloed point solutions to standardized reference architectures including enterprise-wide security platforms, open protocols, improved visibility, and self-learning capabilities to increasingly automate the cybersecurity defenses.
The significant pace in the rise of vulnerabilities (more than 50 CVEs logged each day in 2021), exploited by new age cyberattacks, is adding stress to the cybersecurity community. This exponential increase in cyberattacks, led by the zero-day attacks, has rendered the static rules and signature-based algorithms ineffective. Further, the adoption of cloud, IoT, and 5G are leading to increasingly complex business environments and the expansion of attack surfaces. This builds a credible opportunity for effective adoption of Artificial Intelligence (AI) to secure the ecosystem and build a cyber resilient relationship with the end users. Statistical study shows that 62% of attacks were recognized after they have caused significant damages to the cyber systems.
AI, including machine learning and deep learning, supports the following types of algorithms to strengthen cybersecurity related use cases:
As cyberattacks get increasingly sophisticated, defense strategies need to be equally equipped at the large-scales and provide agility of integration across cloud (and hybrid) infrastructure, SaaS applications, zero-trust environments, OT/ IOT devices, network systems etc. Considering this, enterprises should adopt a multi-pronged approach for effective use of AI techniques in becoming cyber resilient. This includes:
Enterprises should prioritize their business risks mapped with cyber strategy to identify areas which can be augmented with AI. For example, AI-based predictive analytics establish hidden patterns, detection of threats/ anomalies etc, in latent space across structured and unstructured data sources from heterogenous systems. A well-defined strategy must identify areas where AI should be implemented for best securing the interests of the enterprise. This strategy should prioritize areas of immediate focus versus those which can be gradually integrated with AI-based controls and the risk fabric of the enterprise.
The cyber security strategy should establish a core reference architecture which integrates the disparate cyber security systems, policies, and processes. The reference architecture pattern should integrate AI and non-AI based controls to monitor, detect and respond to perceived cyber threats.  The effectiveness of the reference technology blueprint of cyber security controls must be continuously mapped with the enterprise cyber security strategy.
Enterprises should execute risk analysis as part of the initial AI control design for cyber security, including access management, dataset collection, and AI process governance. Thus, identification of adversarial events generated from AI must be outlined and risk-mitigation plan should be baselined. The key risks that need to be considered for AI include- privacy, adversarial cybersecurity, fairness, transparency, safety and third-party risks.
Appropriate investments should be66 made on building talent related to cybersecurity, AI techniques and automation as cyber attackers will continue to use AI-enabled technologies. Experts who can understand the nuances of cybersecurity domains and the AI-enabled algorithms to defend against the cyberattacks are critical for deriving positive outcomes from AI integrated techniques.
In conclusion, the rational intersection of cybersecurity and AI has a larger applicability for managing the cybersecurity posture of an enterprise. However, the application of AI to CyberSecurity is a learning-based research area and not free from problems. In fact, studies have classified AI as a double-edged sword requiring enterprises to have a systematic approach in identification and prioritization of AI risks and implement mitigation controls against such adversaries.
The article has been written by Kumar MSSRRM, AVP and Delivery Head at Infosys Cybersecurity
The world has undergone a remarkable transformation over the past few decades, and the coursework…
Fortinet releases new research on key concerns around the cybersecurity talent shortage, recruitment, diversity, and…
The Technology landscape in India has grown leaps and bounds when it comes to the…
Your email address will not be published. Required fields are marked *

In conversation with DQ’s DeepTech Studio, Akshat Jain, Co-founder, Cyware talks about…
NTT Ltd. in India announced the opening of its new hyperscale data…

Should IT Companies Make Work from Office Mandatory?

View Results

Connect with Chris Hood, a digital strategist that can help you with AI.

Leave a Reply

Your email address will not be published.

© 2022 AI Caosuo - Proudly powered by theme Octo