Artificial intelligence will create insights from threat data

REGIONAL TRANSFORMATION OUTLOOK 2019

Organisations will realise the importance of threat intelligence and will talk about the need for an intelligence function. What they really mean is that they want some insight from their vendors around the huge amounts of threat data they are acquiring. There may be a handful organisations who will stop recasting threat data as intelligence and instead focus on generating actionable insights from this data, the prerequisite for threat intelligence. Unfortunately, the vast majority still will not take any action from the data presented, which means they will not actually have any intelligence.

Artificial intelligence and machine learning will play a more prominent role as the velocity and variety of attacks makes conventional approaches – such as blacklists – outdated and ill-equipped to deal with modern cyber threats. The average phishing site, for example, is only online for a few hours. With such a crowded domain space, attackers have to be clever about the domains they register and exploit. Luckily, these domains generally have certain characteristics, which machine learning algorithms can exploit and detect, while other properties of attack vectors can also be recognised by appropriately trained artificial intelligence.

Artificial intelligence will also be used to detect break-ins, spam, phishing and more. Although it will mostly work well, look out for the occasional mistake: these will be utterly incomprehensible to humans, and very hard for vendors to explain to their customers. As our world becomes increasingly digitised and connected devices continue to permeate every aspect of our daily lives, the risks posed by cybercriminals are escalating.

A large-scale attack on critical infrastructure such as energy services, water supplies or even hospitals could cause massive damage and even loss of life. Autonomous vehicles, although not prevalent on our shores yet, are attractive targets for the more ruthless type of cybercriminal. And with the growth in digital medical devices, hackers could directly target an individual and interfere with their pacemakers or heart rate monitors.

Privacy will also become a key concern. Consumer connected devices such as cameras, microphones and wearables will become a major security issue as hackers discover ways to see live audio and video of unsuspecting people’s lives. The fallout of such an incident being exposed could drastically erode trust in technology and make people treat technology with greater caution as they realise the devices they have enjoyed without concern, carry immense risk to their personal privacy and security.

Brian Pinnock, Cybersecurity Specialist, Mimecast.

Key takeaways

A large-scale attack on critical infrastructure could cause massive damage and even loss of life.
Consumer connected devices such as cameras, microphones, wearables will become a major security issue as hackers discover ways to see live audio and video.

Tags: