Assessing impacts: The meteors of security and AI

May 2019 Cyber Security

A 2018 study found that the illicit proceeds of global cybercrime had reached $US 1.5 trillion annually. Norton Security estimated that by 2023, a total of 33 billion records would be stolen each year. Internet of Things (IoT) attacks increased by 600% and Microsoft cloud user accounts saw a 300% increase in cyber-attacks over the past year. It is little wonder that worldwide spend on security-related hardware, software, and services are forecast by IDC to reach $US 103.1 billion in 2019. There is a need for a new security paradigm that makes greater use of emergent technologies and is more agile and effective than in the past.

Jon Tullett
Jon Tullett

“The security challenges and requirements for business 2.0 require far greater use of analytics and machine learning to identify the baseline behaviours of people, applications and infrastructure,” says Jon Tullett, research manager for IT services, IDC South Africa. “This will allow for rapid responses to potential threats and makes better use of cloud technologies – both public and private – to build out an in-depth defence that is consistent with oversight within the organisation.”

Incident response will always be a part of security, but the sad reality is that it is also always behind. That said, the next generation of cloud technologies and analytics can greatly improve security capabilities and help organisations overcome that sense of always being left behind. While there will be a new generation of threats loping casually beside – and ahead – of technology’s evolution, the measurements that assess the efficacy of a security system should be around response times. Did the business respond faster than it did in the past?

“A much faster and more agile infrastructure needs new thinking about policies and compliance,” says Tullett. “Orders of magnitude increase in data transactions and volumes require different ways of thinking about protection and threat mitigation. This is further affected by the fluidity of on-demand applications and API access as they increase the number of unpredictable types of access to systems that were, in the past, easy to secure.”

Going forward, security must place scale and agility at the centre of design thinking and planning. The security team has to build capability that allows them to move faster and take more effective and decisive action with greater insight and confidence. Today’s security products aren’t ready for this. What’s needed is a next generation set of thinking and tools that are in line with the technologies that preceded them.

“This isn’t an incremental change,” adds Tullett. “Most of today’s security tools and many of today’s security companies probably will not survive to see the next generation of business. The changes that are coming are going to have a disruptive impact on market, business and security thinking.”

Of course, in the meteor shower of disruption, it’s hard to avoid the conversation of artificial intelligence (AI). Every organisation and individual want to know what impact of this technology will have on the organisation. The reality is that the changes it will make to life and business will be fairly mundane.

“It will offer better insights, efficiencies and more confident decision-making, sure,” says Tullett. “There will be outliers where an AI model will create a completely new business or achieve an unheard-of improvement, but they will be the black swans. There will also be some businesses that may be dramatically impacted by AI in the next five to ten years, but it will be limited within a niche. For most the future is mundane improvements, for that niche, the disruption will be severe.”

Perhaps the question isn’t the impact of AI but rather the impact of not investing in AI. Can the organisation afford not to make a move towards a technology that has proven results and delivers improvements to the bottom line?

“If your competitors are improving their customer experience and gaining efficiencies, you have to keep up,” concludes Tullett. “The good news is that a lot of AI won’t require separate investment. All the enterprise software vendors have a plan to leverage AI capabilities within their products so they will be a subscription service for most customers. And that will effectively answer both questions.”




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

The enemy within – insider ­security threats
May 2019, Wolfpack Information Risk , Editor's Choice, Cyber Security, Financial (Industry)
Insider threats in today’s financial world are insidious and destructive and your defence against insiders should start long before the person assumes his/her position.

Read more...
LoJax: Be very careful
May 2019 , Cyber Security
Even replacing drives won’t kill this malware, which is still active more than nine months after researchers from Arbor Networks detailed it.

Read more...
Visibility is key, and lacking
May 2019 , Editor's Choice, Cyber Security
Cybercriminals are most likely to be caught on servers and networks, but detecting their time and point of entry remains a mystery.

Read more...
The benefits of machine learning and UEBA
May 2019 , Cyber Security
Combining accurate and essential user behavioural data with machine learning allows you to more accurately monitor your users on an endpoint-by-endpoint basis.

Read more...
Insiders: who are they?
May 2019 , Security Services & Risk Management, Cyber Security
The 2018 Insider Threat Report by Cybersecurity Insiders reports that more than 51% of companies are concerned about unintentional insider attacks.

Read more...
Securing the Industrial Internet of Things
May 2019, Axiz , Cyber Security, IT infrastructure, Industrial (Industry)
The very benefits that makes the IIoT so compelling, makes it equally capable of damaging infrastructure operations and processes through bad actors.

Read more...
Hybrid cloud and hyper-converged data protection
May 2019 , IT infrastructure, Cyber Security
Arcserve Unified Data Protection extends disaster recovery and backup technologies to prevent downtime and data loss for hyper-converged and SaaS-based workloads.

Read more...
Vivotek strengthens cybersecurity
May 2019 , CCTV, Surveillance & Remote Monitoring, Cyber Security
Vivotek has announced the availability of comprehensive protection in its Cybersecurity Management Solution under the strategy of its 'Security within Security' campaign.

Read more...
Scammers target job seekers
May 2019 , Cyber Security
Kaspersky Lab experts detected a blast of sophisticated spam emails in the first quarter of 2019, featuring fake job-offers that seemed to come from HR recruiters in large corporations.

Read more...
Protecting Microsoft cloud environments
May 2019 , Cyber Security, Integrated Solutions
Trend Micro Southern Africa announced the local launch of its Trend Micro Cloud App Security point of presence, designed to provide customers added security and protection of their Microsoft Office 365 environments.

Read more...