Though it would be convenient, the fact that more and more organizations have dealt with cyberattacks doesn’t mean that similar attacks will stop anytime soon. As long as the economic incentives remain, the number of attacks will only increase, especially as money from successful ones flows back into the cybercrime infrastructure.
If cybersecurity is already daunting for many organizations, is there a way to make protecting data any more manageable in the coming year? IEEE asked a number of experts what cybersecurity advances they expected to see in 2018, and one answer was fairly unanimous: Artificial Intelligence.
For many organizations, analysts in security operations centers spend their days sifting through hoards of log files for suspicious activity. The repetitive nature of this work makes AI an ideal replacement, says Kayne McGladrey, IEEE Member, Director of Information Security Services at Integral Partners (US): “Artificial intelligence has been shown to be good at pattern recognition and correlation over a vast number of data points, and can make connections faster than human analysts would.”
“As a result of constantly-evolving cyber threats, building static defence systems for discovered attacks is not enough to protect users,” says Kevin Curran, IEEE Senior Member, Professor of Cyber Security at Ulster University, Northern Ireland (UK). Due to the rapid rate of change, “more sophisticated techniques such as machine learning are now needed to discover the embedded and lurking cyber intrusions and cyber intrusion techniques.”
Developing cybersecurity-specific AI with machine learning capabilities isn’t exactly easy. Unfortunately, other factors will make the challenge even harder. Andre Leon S. Gradvohl, IEEE Senior Member, Professor at the University of Campinas (Brazil), points to the emergence of cybercrime-as-a-service, “which, in a nutshell, means that we can buy or rent kits for practicing ransomware or malware.” And while AI and machine learning can help monitor for these attacks, “cyber criminals may also have these tools and can use them to promote attacks.”