Using AI to secure the modern world – where enterprises are particularly vulnerable

Using AI to secure the modern world – where enterprises are particularly vulnerable As SVP of Product Management, Brian is responsible for overseeing product direction and innovation. Brian brings more than 25 years of experience to his role. Prior to MobileIron, Brian founded a startup in the identity management space. Before that, he was SVP of information services at Neustar, the leader in identity resolution. At Neustar, Brian’s teams were responsible for solutions in marketing services, risk and fraud, registries, and security services. He also oversaw the product development and go-to-market operations. Prior to that, Brian was CTO at Damballa, a private company that discovered advanced threats running in enterprises and large internet service providers. As CTO, Brian was responsible for the advanced research, product strategy, and engineering operations.

The types of threats that are targeting enterprises are evolving and completely different to what they were a decade ago. Enterprise attacks are no longer executed by “lone wolf” hackers, but instead come from highly sophisticated and professional cybercriminal networks. Artificial Intelligence (AI) and machine learning (ML) can be harnessed by hackers to automatically seek out weaknesses in organisations’ ecosystems. 

AI presents hackers with the opportunity to scale attacks like never before. Take for example ‘deepfakes’. ‘Deepfakes’ use AI to synthesise a person’s face and stitch it onto another, meaning that fake videos can be created impersonating people of influence and then disseminated to vast audiences such to the extent that a report from New York University outlined them as one threat that could have an influence on the outcome of the 2020 election.

While this is an extreme example, it highlights the scale of the potential risk posed by AI cyber threats. This presents enterprises with a problem, because previously used defence methods are no longer fit for purpose.

Is it time to start fighting fire with fire, and leverage AI to combat AI attacks?

Enterprises turning to AI

Using AI to fight AI is a sensible route for enterprises to take. If AI can be used by inauspicious forces to scale their attacks, then it is highly likely that enterprises can adapt the same technology and use it to scale their defence operations.

An attacker needs only to find one open door; one weakness in an enterprise’s security. Adversely, the enterprise has to beat the attacker to the punch and find all the doors and lock them. AI conducts this at a pace and thoroughness human ability can no longer compete with.

AI provides increased speed, accuracy, and scale compared to more common security approaches such as a traditional desktop antivirus.

Businesses are starting to see the value that AI can play in protecting their enterprise. A recent Capgemini report found 69% of enterprises believe AI will be necessary to respond to cyberattacks and 73% of enterprises are testing use cases of AI for cybersecurity across their organisations today with network security leading all categories.

One UK-based unicorn leading the way on this is Darktrace, which is helping organisations use AI to fight AI, through autonomous response. Its award-winning Enterprise Immune System defends against new threats and operates without prior knowledge or signatures.

AI to enable Zero Trust

Digital transformation and evolving cybersecurity threats mean that enterprises must completely rethink their entire security architecture. With the move to cloud computing, the traditional network perimeter is dead.  Businesses should look to implement a zero-trust security framework, which has been designed in direct response to this diminishing perimeter. Zero trust considers an ation’s network to be already compromised and as a result applies a ‘never trust, always verify’ logic to network access. 

When it comes to access, Zero Trust is built on four main pillars:

  • Verify the user
  • Validate their device
  • Limit access and privilege
  • Learn and adapt

The final pillar, learn and adapt, is very well supported by the use of machine learning to discover unusual or risky user behavior. When this behavior is identified, conditional access can be applied without having a major impact upon the user experience. This can all happen in real-time.

AI and machine learning (ML) are major assets for organisations when monitoring this new environment. It allows them to analyse locations, devices, IP addresses, and times a typical employee logs into a cloud application to offer valuable insight regarding unusual account behavior. This information helps detect abnormal behavior and determines if the user account has been compromised in an account takeover attack.

Using AI to kill the password

At MobileIron, we recently commissioned a survey of 200 executives and others who make decisions about cybersecurity, mostly in companies with 1,000-plus employees. Those surveyed say they’d halve their risk of breaches by eliminating passwords. It is clear that the outdated use of password as a gatekeeper has to go, so we can improve both security and employee experience.

To overcome this issue and kill the password for good, organisations need to take a mobile-centric zero trust security approach. Using AI and machine learning, this approach goes beyond identity management and gateway approaches by utilising a more comprehensive set of attributes to determine compliance before granting access. It validates the device, establishes user context, checks app authorisation, verifies the network, and detects and remediates threats before granting secure access to a device or user.

A security strategy fit for the future

AI and machine learning have absolutely revolutionised cybersecurity. They have improved the ability of organisations to anticipate and prevent attacks, whilst protecting the increasing number of threat surfaces brought about by digital transformation. Combined with a well thought-out zero trust framework, AI and machine learning are vital parts of any enterprise’s security strategy.

Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data ExpoCyber Security & Cloud Expo and 5G Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *