Organizations around the world are increasingly finding themselves in the crosshairs, as data breaches become more common. A 2019 case study reported an escalation of 17% over the year, with 60% of companies falling victim in the last three years. In the Asia-Pacific (APAC) region, where cities are becoming more connected through a burgeoning Internet of Things (IoT) market, organizations are particularly vulnerable. According to a 2017 study from Aruaba, 88% of APAC companies surveyed had endured at least a single breach related to IoT, which is higher than any other region. However, just as hackers are getting smarter, so are cyber security experts—and they’re getting a major boost from artificial intelligence (AI).
How Artificial Intelligence Can Augment Cyber Security
One challenge organizations face with cyber security is the time and manual labor needed to sort through user data requests. For example, two-thirds of organizations that responded to the Gartner 2019 Security and Risk Survey reported that it takes them no less than two weeks to deal with just one subject rights request (SRR). SRRs, which allow individual users to request information about their personal data within a given timeframe, cost these enterprises an average of $1400 USD.
In an effort to reduce the time investment, artificial intelligence can help cyber security employees deal with SRRs much faster.
“You can imagine a wide variety of functions that benefit from speed and the ability to handle large volumes,” Bart Willemsen, research vice president at Gartner, told Tech Republic. “These include data discovery with ML, attribution to individuals with natural language processing (NLP), or even the usage of chatbot interaction to answer large volumes of SRRs with underlying ML to automate the actual answer to the request. It improves both the internal levels of control, operationalizing the personal data lifecycle in an automated way, as it can improve the customer’s Privacy User Experience (UX).”
According to the Gartner report, 40% of cyber security technology will depend on AI in the next three years, up from just 5% being used today.
How Some Cyber Security Experts are Setting Traps
At the University of Texas Dallas, a team of researchers is taking a revolutionary approach to dealing with cyber criminals. Instead of trying to keep them out, they are inviting them in. Their method, which they’ve dubbed “DEEP-Dig” (DEcEPtion DIGging), employs a technique known as “deception technology.” The team sets up a fake website to lure hackers. Once hackers make their way into the system, it tracks their every move and learns how they do their dirty work. The data is then used to train the real system against potential attacks.
“There are criminals trying to attack our networks all the time, and normally we view that as a negative thing,” Dr. Kevin Hamlen, Eugene McDermott Professor of computer science, told Science Daily. “Instead of blocking them, maybe what we could be doing is viewing these attackers as a source of free labor. They’re providing us data about what malicious attacks look like. It’s a free source of highly prized data.”
More Organizations are Turning to Zero Trust
There’s another radical idea quickly gaining ground in the cyber security arena: zero trust. According to this philosophy, a network should trust nothing outside its confines. Anyone or anything trying to gain access has to go through a strict verification process in order to gain privileges to information within the network. In other words, it shifts responsibility from the organization to the user.
“Instead of looking at whether you’re in the office or connecting to a particular [virtual private network], the emphasis is on who you are and what you have access to,” Joseph Doyle, director of workplace technologies at Rubrik Inc., a company that utilizes zero trust, told siliconAngle.
There is a catch, however. Users have to accept that ensuring security is their responsibility to ensure rather than an organization. They must also be willing to experience some amount of inconvenience for the sake of privacy. Regardless, users may need to get used to these requirements. A recent survey by Pulse Secure LLC found that while only 4% of enterprises incorporate zero trust today, 69% aim to do so in the months and years ahead, with nearly 50% employing it by the end of 2020.
Improving Cyber Security in Your Organization
Having the proper tools and systems in place can prevent data breaches and cyber crimes. As the world becomes more automated, it’s crucial for your organization to understand the available cyber security measures to protect its data and devices. Cyber Security Tools for Today’s Environment, an online 11-course program from IEEE, helps businesses improve their security techniques.
Contact a specialist today to get access to the course program for your organization.
Interested in learning about getting access to the course for yourself? Visit the IEEE Learning Network to learn more.
Horner, Kim. (27 February 2020). Computer scientists’ new tool fools hackers into sharing keys for better cybersecurity. ScienceDaily.
Bayern, Macy. (25 February 2020). Why 40% of privacy compliance tech will rely on AI by 2023. Tech Republic.
Gillian, Paul. (23 February 2020). ‘Trust nothing’: As breaches mount, a radical approach to cybersecurity gains favor. siliconANGLE.
Antova, Galina. (19 February 2020). Why smart cities should also be cybersecurity cities. South China Morning Post.
(28 February 2017). 88% Of Organizations In APAC Have Experienced At Least One IoT-Related Security Breach. Clio & Leader.