Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

AI and ML to your defence

Issue 5 2022 Information Security

By the FortiGuard Labs team: Jonas Walker, security strategist, and Derek Manky, chief security strategist and VP, Global Threat Intelligence Labs.


Jonas Walker.

Threat actors are leaning on new tools and techniques to improve the efficiency of their attacks. Only artificial intelligence (AI) and machine learning (ML) move quickly enough to defend organisations in this evolving cyber-threat landscape.

In the past three months we’ve been seeing more speed, and speed can kill. Threats have been getting into a system, hitting the targets, exfiltrating data, demanding a ransom and getting out of a system much quicker than normal. This includes attackers capitalising on new vulnerabilities such as zero-days and n-days. They also appear to have become more aggressive, with double extortion, triple extortion and targeted attacks. Their approaches are more tactical, and we’re still seeing more volume. All of that translates to more risk.

In 2022, wiper malware has been much more active than recent years, which ties into the theme of aggression. This is destructive malware that’s wiping out hard drives and master boot records of systems. We’re starting to see this tying into the world of extortion too. We’re not just talking about data at risk, but systems infrastructure at risk now.

By using machine learning and AI, you’re reducing risk dramatically. First, at the basic level you have automation. Automation is largely to help with the volume of detections and policies needed at speed, reducing reaction time and offloading mundane tasks from SOC analysts. Then, ML and AI come into place for the threats that are unknown. AI is the action piece, whereas ML is the learning piece. Machine learning works on models, and each application can use a different model. Machine learning for web threats is entirely different from machine learning for zero-day malware. Organisations need to be able to do them all to effectively secure against various attack vectors.


Derek Manky.

Segmenting networks is something we recommend as a very effective practical approach to reducing risk. If you segment it, it won’t be able to spread and hit other systems and create further downtime.

Building on top of that, zero-trust and ZTNA are a big topic nowadays. There are a lot of things happening on networks, devices coming in and out, applications coming on and off, etc. The idea that nothing should be trusted inherently can significantly increase security; instead it should be earned trust. In addition to that, breach and attack simulation, and having a plan ahead of time, is critical.


Credit(s)

Tel: +27 11 543 5800
Email: malckey@technews.co.za
www: www.technews.co.za
Articles: More information and articles about Technews Publishing



Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

71% of organisations suffered an identity breach
News & Events Information Security
The State of Identity Security 2026 report from Sophos finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.

Read more...
From the Editor's desk: Security goes mainstream
Technews Publishing News & Events
      Welcome to SMART Security’s SMART Mining & Industrial Security Handbook 2026. While the world is focused on cybersecurity and AI, physical security has become a board-level concern across South Africa’s ...

Read more...
Industry perspective on industrial cybersecurity
Technews Publishing News & Events Infrastructure Industrial (Industry)
The Industrial Security Harmonization Group has released a joint industry perspective highlighting a critical truth in industrial cybersecurity: secure communication is not determined by protocols alone, but by how they are deployed and managed in real-world environments.

Read more...
Cyber resilience is the real defence
Security Services & Risk Management Information Security Infrastructure
Cyber resilience has evolved into a form of strategic agility, ensuring that when an interruption occurs, the business does not just survive; it snaps back into place before the market even notices a pause.

Read more...
You will not get your files back with VECT
Information Security
If the newbie to the ransomware scene, VECT, comes knocking at your organisation’s door, do not pay the ransom! The decryption keys simply do not exist. They were discarded at the moment of encryption by the malware itself.

Read more...
Industrial sector is a primary cyber target
Information Security
Threats in industrial environments are distributed with striking uniformity: APT-driven incidents constitute 17,8%, malware 14,9% and social engineering 13,9%. This pattern suggests that industrial organisations attract a broad range of adversaries with different capabilities and objectives.

Read more...
The control room problem that nobody wants to talk about
Technews Publishing Editor's Choice
WhatsApp has become the unofficial backbone of security communications across the mining and industrial sectors, but it was never designed to be a security tool.

Read more...
Controlling access for people and vehicles
IDEMIA STid Security Technews Publishing Editor's Choice Access Control & Identity Management Asset Management Industrial (Industry) Mining (Industry)
When it comes to access control, the security requirements of mines and the industrial sector are similar, requiring a layered approach that combines physical barriers, digital authentication, and continuous monitoring to protect personnel, assets, and operational continuity.

Read more...
Key attributes of an effective cybersecurity leader
BlueVision Information Security
In an evolving technology landscape, an effective cyber leader must combine technical acumen, foresight, and adaptive leadership to mitigate risks, and risks can only be mitigated once accurately identified and remedial processes are in place.

Read more...
Employees are SA’s biggest cyber threat
Security Services & Risk Management Information Security
South Africa experienced a 46% increase in insider cyber risk in 2026, surpassing the global average of 44%. What is more, 63% of South African companies surveyed expect insider-driven data losses to increase.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.