Automation of Cyber Security
In 2016, more than half a billion personal records were lost or stolen and data breaches are increasing at 85% a year [1]. As technology integrates deeper into our lives, the better it will know us. This means it keeps collecting data about us, even data we might not want to share or become public. In today’s ever complex and challenging environment, it is important for technology to be protected, secure and fail-proof. Think about this, what if someone hacks into your self-driving car and renders you powerless with no control of the car. Not just cars, implantable medical devices, airplanes, power grids, smartphones and public data centers to name a few, are all prone to cyber attacks. Cyber threats are growing at an alarming rate with each threat stronger than the previous one. Therefore, the future of cyber security lies in automation as manual defence systems which play a cat and mouse patching game against hackers are becoming too weak against cyberattacks that are automated by machines.
Security vendors should look to automate all processes that involve collecting, analyzing and manipulating large chunks of datasets to improve efficiency and save manpower. It can predict odd behaviours and run protection mechanisms faster. Data is the most important aspect for automation. Organizations should start by collecting relevant security data from their own infrastructure. They can also work with security vendors and important stakeholders to collect data from each other’s network to find recurring patterns that may lead to more attacks and work on dynamic threat analysis to accurately detect unknown attacks [2]. These large amounts of data used by machine learning and automation applications can produce quicker and more effective results. It creates a high barrier for entry environment for hackers thereby increasing security on multiple levels. Moreover, the lack of qualified cybersecurity professionals today is forcing security vendors to go with automation [3].
Time is of the essence when trying to prevent cyberattacks. Thus, as soon as a threat is identified the contingency protection mechanisms needs to spread out before the attack becomes severe. This would almost be impossible with a manual defense system due to time and complexity factors. Automation provides a closed loop system consisting of threat monitoring, identification and resolution. The process of creating protections on the go and intercepting threats can greatly reduce future attacks. [2]. Furthermore, by analyzing historical and present data, automation can identify if the host inside the company’s infrastructure is already infected and signal a warning before intervention.
Benefits of Automated Cybersecurity
There are a number of benefits associated with automated cybersecurity. It provides a level playing field to defend against incoming attacks. It improves efficiency by streamlining the identification and protection process of potential threats and this has an added advantage of reducing costs too. In addition, once the core infrastructure is automated it is less prone to human errors. Most cyber attacks in the past could have easily been avoided if not for human errors [4]. Automation provides a foundation for improved decision making by top level executives in emergency situations. It presents all analysed data in a single pane of glass facilitating for an easier decision making process.
Hurdles in Implementing Automated Cybersecurity
Despite the said advantages of automation in cybersecurity, companies face a few challenges in implementing it in their IT infrastructure. Firstly, automation can only sift through data that is given to it but intelligence from unstructured resources like blog posts, news stories and research papers are left out [4]. Cognitive computing needs to be added to make sense of the data. Secondly, companies want full control of their internal processes and by adding automation it may seem like they would have less control but in reality it increases visibility and flexibility within the system. Finally, highly experienced employees may have trust issues with new technologies and its capability. However, in the near future with the increase in size of data, complexity and volatility, automation holds the key to reduce and prevent cyber attacks. Its iterative closed loop process makes for a very capable defence system against even the strongest of cyber attacks.
References
[1] – https://www.symantec.com/security-center/threat-report
[2] – key/ https://researchcenter.paloaltonetworks.com/2016/12/what-is-automated-cybersecurity/
[3] – https://ayehu.com/top-cybersecurity-challenges-automation-
[4] – https://techcrunch.com/2016/07/01/exploiting-machine-learning-in-cybersecurity/
3 comments on “Automation of Cyber Security”
Comments are closed.
Great post! I believe that AI could be used as a tool to go through lots of data at once. However, I do not believe that AI should be in complete control of a company’s cybersecurity. I think, at least at this point in time, that we should still keep humans in the loop.
Definitely agree with you, Linton! Automation can monitor, identify and present threats but high level decisions should be taken by humans at the end of the day . However, if a particular pattern has historically repeated several times with the same solution chosen by the human, then the decision may be taken by AI itself.
Well written article. Kudos on that.
The fundamental security imbalance is that human experts are too slow to spot and fix the problems before the attackers exploit them. This makes automation the better available option.
Cyber security automation is the future of IT Security and Microsoft’s deal with Hexadite earlier this month makes it clear that it is important for companies to stay ahead of threats posing them.
https://news.microsoft.com/2017/06/08/microsoft-signs-agreement-to-acquire-hexadite/#K18TmmweS9qBB12a.97
Shristi Modi, MS&E 238A.
Users who have LIKED this comment: