Securing the AI dream with machine learning

By Steve Wood, Blog Contributor


AI has been a hot topic for a while now. Many articles are painting the picture of an almost fantasy-like world filled with smart personal assistants, driverless cars, purchase prediction tools and more. However, what we tend to forget is the reality: the access that cybercriminals have to these AI technologies.

My take, as with every innovation, is that security needs to evolve as quickly as these new technologies to ensure that this almost fantasy-like AI world is sustainable. This is especially so in Asia Pacific, where cyberattacks are on an exponential rise. A recent report found that attacks on Asia Pacific companies increased drastically in 2017 compared with 2016, specifically ransomware (1000% increase), threats from hijackers (522% increase), spyware (200% increase) and worms (50% increase).

Thankfully, a new technology is becoming increasingly mainstream and will allow companies to tackle the latest threats as they appear on the network. That technology is behavioral analytics, a security framework that moves as quickly as we do.

What is behavioral analytics?

As the name suggests, behavioral analytics engages machine-learning capabilities to study users' everyday behavior across various systems and devices. The devices we choose, the locations we work in, and the people we send data to—these are all examples of everyday behaviors, which are unpredictable and tough to track.

These days, concerns over data protection are reaching an all-time high on both the consumer and organization front. This is of increased concern to CIOs especially, as GDPR implementations loom ahead.

How can data protection be handled effectively when the behavior of users is unpredictable and hundreds of new devices get connected each day? Being able to manage every unique incoming and existing device and create policies for each is a task beyond any human IT team.

Just when you would think that the scale of the challenge is too vast, behavioral analytics comes in to help manage it. Unlike humans, machines are capable of analyzing millions of individual packets of data, making a truly individual approach to security possible. What's more, the human agent does not have to intervene until the network has raised an alert.

Using behavioral analytics, such as Aruba IntroSpect User and Entity Behavior Analytics (UEBA), IT managers can create standard profiles for each employee on the network. Sales managers get access to Salesforce, customer service agents access Skype, and so on. The behavior of each employee becomes quickly personalized with machine learning. As soon as an employee behaves in a way that strays outside of their profile, the network sees it and sends an alert. Until that's resolved, the employee's access is restricted.

Just think of the opportunities here. Up to the point where an alert is raised, the work of security monitoring and network access control can be managed automatically. Imagine all the time you can save!
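The profile, alert and restrict-until-resolved loop described above can be sketched as follows. This is an added example, not code from the original post and not how Aruba IntroSpect works: the rarity scoring, the 0.5 threshold, the class and function names and all sample events are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

FEATURES = ("app", "device", "location")
# Constructed training events: (user, app, device, location).
HISTORY = ([("alice", "salesforce", "laptop-a1", "singapore")] * 8
           + [("alice", "email", "laptop-a1", "singapore")] * 2
           + [("bob", "skype", "desk-b7", "sydney")] * 10)

class BehaviorBaseline:
    """Per-user frequency profile (illustrative, not a vendor algorithm)."""

    def __init__(self, threshold=0.5):  # threshold is an assumed value
        self.threshold = threshold
        self.counts = defaultdict(lambda: {f: Counter() for f in FEATURES})
        self.restricted = {}  # user -> event held for an analyst decision

    def learn(self, user, *event):
        for feature, value in zip(FEATURES, event):
            self.counts[user][feature][value] += 1

    def score(self, user, *event):
        """Mean rarity over features: 0.0 = always seen, 1.0 = never seen."""
        profile = self.counts.get(user)
        if profile is None:
            return 1.0  # no baseline for this user: maximally unusual
        rarity = [1.0 - profile[f][v] / sum(profile[f].values())
                  for f, v in zip(FEATURES, event)]
        return sum(rarity) / len(rarity)

    def observe(self, user, *event):
        """Return 'allow', 'alert' or 'restricted' for one new event."""
        if user in self.restricted:
            return "restricted"  # access stays limited until resolved
        if self.score(user, *event) >= self.threshold:
            self.restricted[user] = event
            return "alert"
        self.learn(user, *event)  # only normal behavior updates the profile
        return "allow"

    def resolve(self, user, legitimate):
        """Human decision: lift the restriction, optionally accept the event."""
        event = self.restricted.pop(user)
        if legitimate:
            self.learn(user, *event)

def build_baseline():
    baseline = BehaviorBaseline()
    for user, *event in HISTORY:
        baseline.learn(user, *event)
    return baseline
```

Because flagged events are held out of the profile until `resolve` is called, a run of unusual activity cannot quietly become the new normal without someone approving it.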

The impact of automated security on human workers

To me, the work of security teams stands to benefit immensely through machine learning and AI. The technology doesn't have to replace the human element in operations. On the flip side, it can assist by surfacing better-quality issues on which humans can base their decisions. Access to a file, for example, is not an automation issue. AI can flag the request, but a human can make the decision.

I believe this will create a change in the type of jobs we will start to see in security. Security staff will move from being operational to making the decisions. The Security Manager can become the Policy Manager. And the security threat? Automated.

The approach of human workers will be different, but no less important. For example, there is more demand for security at the core of the network, and it needs to be built in through the design of the network, not added as an afterthought. Solutions like Aruba ClearPass help to build a seamless and secure path from device to the core based on set policies, allowing for quicker threat detection and response.

CIOs are increasingly aware that information and data are the new capital, and the network is the entry point.

We have learnt hard lessons from the 2014 Heartbleed data leak and 2017 WannaCry ransomware attacks which plagued organizations across the Asia Pacific region. This time, let's battle cyberattacks with increased visibility and control through behavioral analytics and win the war against cybercrime.