Security professionals in the enterprise are facing an uphill battle to maintain control of corporate networks.
Data breaches and cyberattacks are rampant, sensitive information belonging to both companies and individuals is spilling unchecked into the underbelly of the Internet, and with the emergence of state-sponsored threat actors, it is becoming more and more difficult for organizations to keep up.
It is estimated the cyberattacks and online threats will cost businesses up to $6 trillion annually by 2021, up from $3 trillion in 2015.
Once cyberattackers compromise an enterprise network or cloud service, information can be stolen, surveillance may be conducted, or in some cases, ransomware attacks can lock down an entire operation and hold a business to ransom.
However, new technologies are entering the cybersecurity space which may help reduce the financial cost and burden on cybersecurity professionals pressed for time and often operating with limited staff and budgets.
Artificial intelligence (AI), machine learning (ML), and predictive analytics applications may one day prove to be the key to maintaining control and preventing successful hacks, data breaches, and network compromise.
These technologies encompass deep learning, algorithms, and Big Data analysis to perform a variety of tasks. The main goal of AI and ML is usually to find anomalies in systems and networks of note, whether it be suspicious traffic, unauthorized insider behavior and threats, or indicators of compromise.
Able to evolve over time, the purpose of AI technologies is to learn, detect, and prevent suspicious and dangerous activities with improvements and refinements the longer such applications and systems are in use. This provides companies with a custom cybersecurity system which tailors itself to their requirements, in comparison to an off-the-shelf, traditional antivirus security solution -- which is no longer enough with so many threats lurking at the perimeter.
In an interview with ZDNet, Paul Martini, CEO and co-founder of cloud gateway and security firm iboss said that enterprises are experimenting with these kinds of technology to "alleviate the staffing pressures caused by the well-known skills shortage in cybersecurity."
Cybersecurity Ventures estimates that by 2021, there will be 3.5 million vacancies in the cybersecurity market left unfulfilled. To make matters worse, a report from Capgemini estimates that only 43 percent of individuals in IT roles have the cybersecurity skills required for their jobs.
While the market as a whole, training facilities, and IT organizations rush to bridge the gap, AI and machine learning technologies may be able to alleviate some of the pressure that enterprise players now face to keep data secure and networks safe.
"AI, predictive analytics, and automation allow security teams to leverage technology and do more with less," the executive says. "AI and predictive analytics are critical aspects of improving efficiency and productivity because they reduce the number of false alarms and streamline time-intensive manual tasks."
"For cloud services, in particular, AI and predictive analytics can leverage network anomaly detection to not only identify potential security concerns but performance issues like latency," Martini added.
The range of these technologies is broad, but according to the executive, "any technology that takes the burden off your security and IT team is extremely useful."
Behavioral analysis, malware prevention, and email-based security solutions are of particular use to enterprise players when the cloud is concerned.
AI, machine learning, and predictive analytics used to monitor cloud services and networks can detect suspicious traffic, anomalies, and fraudulent emails, in order to hopefully prevent an attack before it occurs.
As both personal and corporate networks have now evolved from simple PC to router systems to include mobile devices, different operating systems, and Internet of Things (IoT) products, more robust security systems are required to keep threats at bay.
"AI and predictive analytics certainly make it more difficult for threat actors to penetrate networks but as we've seen throughout the years, threat actors are innovative and resourceful, skilled and dedicated attackers will continue to find ways to penetrate network security," Martini says. "While AI and predictive analytics will do well preventing the most frequent and basic attacks, highly targeted attacks that leverage unorthodox or custom attack methods will continue to cause problems for enterprise security teams."
However, AI and machine learning technologies are not intended to replace cybersecurity teams or human input.
Instead, these technologies are best suited as a means to augment security teams -- freeing them up from manual tasks to focus on more difficult challenges, patch processes, and critical security issues.
Data also comes into the mix. AI, ML, and predictive analytics are only as effective as the information the systems are working with, and unless enterprise firms are collecting high-quality information relating to services, users, network traffic, and more, they may find that avoidable false positives and incorrect conclusions will reduce performance levels.
"AI and predictive analytics are better suited for cloud-based cybersecurity functions because they have the benefit of larger datasets," the executive added. "The more historical and real-time data AI programs have, the better they will be. While AI and predictive analytics will still be valuable for traditional security solutions, the highest level of performance will always be in the cloud."
According to Gartner, 59 percent of organizations are still in the midst of developing AI strategies, while the remainder is in the process of piloting or adopting AI solutions across the board.
The research firm says that enterprises should focus on narrow AI, which are ML-based solutions which target specific tasks, including security and monitoring, rather than general AI applications, in order to maximize business value.