Using AI to level the cyber playing field

Artificial Intelligence

By Derek Manky, Chief Security Insights & Global Threat Alliances, Fortinet

Imagine what you would have done differently in your network if you could have just seen a few years into the future. Would you have been quicker to embrace the cloud? What about the time and money spent on technologies that you now don’t really use? Every wiring closet has a number of expensive boat anchors sitting on a shelf somewhere gathering dust. Of course, if your organization has ever been the victim of a serious breach, it’s easy to guess how you may have prepared differently for that.

 Predicting the Future

Cybersecurity professionals have been warning organizations about the threats just around the corner for years. Some require years of experience to understand threat actor trends and malware trajectories. But others just stare you in the face.

According to one report, cybercriminals cost the global economy a total of $1.5 trillion last year. And the rate of growth for cybercrime looks likely to continue for some time unless organizations make a significant paradigm shift as to how they think about and deploy security.

Gaining the Upper Hand

Organizations need to begin using the technologies and strategies to defend their networks that criminals are using to compromise them. That means adopting an intelligently integrated approach that leverages the power and resources of today’s enterprise.

The Evolution and Future of AI

One of the objectives for a security-focused AI strategy is to develop an adaptive immune system for the network similar to the one in the human body where Artificial Intelligence can potentially identify threats and initiate and coordinate a response.

The first generation of AI is already in place in some sectors. Leveraging artificial neural networks and massive databases, systems using machine learning can rapidly sift through mountains of data to provide analysis and determine a proper course of action, all at network speeds.

The next generation of AI, currently running in labs and some production environments, is able better able to detect patterns by distributing learning nodes across an environment. This enhances its impact on things like access control.

The third generation of AI, however, is where things begin to get really interesting. AI will still require a central brain, but rather than a hub and spoke model, it will instead exist as an interconnected web of even more intelligent regional learner nodes.

Getting from Here to There

Today, different segments of the networks can’t see or talk to each other and collected threat intelligence often exists in isolation. The result is a fragmented security implementation that cybercriminals are all too eager to exploit. And this challenge is being compounded as more and more organizations rush headlong into adopting new technologies – today it’s the cloud and tomorrow it will be 5G and edge computing- without first properly considering all of the security ramifications. And that has to include prioritizing how the security to be deployed in new areas of the network will interoperate with existing systems.

For machine learning systems to be successful, they not only need access to critical security information, but that data will need to be seamlessly and instantly shared across the network so can be adapted to each networked environment’s unique configuration. This will also require taking a security-first approach to new network expansions to ensure that all network and security systems and devices are visible and consistently controllable from anywhere in the network.

The ability for machine learning and AI systems to take over many of the menial and detail-oriented tasks previously assigned to human resources will take a significant bite out of the growing cybersecurity skills gap. By shifting responsibilities to autonomous self-learning processes that function similarly to human autoimmune systems – hunting for, detecting, and responding to security events autonomously and in true real-time – valuable cybersecurity professionals will be able to focus their unique skillsets on higher-order planning and strategy. This transition will be critical as organizations move to adopt the advanced security-driven network strategies that will help their businesses succeed in the digital marketplace of tomorrow.


Leave a Reply

Your email address will not be published. Required fields are marked *