The UK government statistics for 2016 reported that 65% of large firms detected a breach in the previous year, a quarter of which occurred at least once a month. More worryingly, a report by Gartner shows that 80% of all security incidents go undetected by the breached organisations, so the rates of cyber attack are higher than we realise.
The costs of cyber attack can be crippling, as highlighted by the media in their coverage of the various incidences that have rocked the IT security world in the past few months. Seemingly robust and industry-leading organisations such as Yahoo have suffered large-scale hacks, while attacks on financial institutions provide very real examples of what customers and businesses stand to lose by being the victim of a cyber attack. When Tesco Bank was hacked in 2016, £2.5 million was stolen from customer accounts, and the recent Lloyds Bank attack saw 20 million customer accounts compromised.
Infrastructure is also a target – recall the hack of the San Francisco train system or the Ukraine’s power grid – suggesting that cybercriminals are only beginning to warm to their theme as the scope for their influence and disruption widens in this increasingly connected world. Targets can be small too: hackers are equally interested in accessing your internet-enabled security camera to support a wide scale attack, while small businesses have reported a rising number of cyber attacks in the past year.
The starting point is to acknowledge the threat of cyber attack and develop firm security systems, but the second and increasingly vital stage is to constantly refine these systems to keep pace with the criminals. The bad guys have access to the same technology as the good guys, and are aided by the relative insecurity of Internet of Things (IoT) devices providing the means to launch huge amounts of data on a company to ‘crash’ networks.
However, all is not lost, and data is as much part of the solution as the problem. All businesses – large or small – rely on data networks. These are both potential points of vulnerability and a mine of valuable information that can inform cyber security strategies and help you keep up with those wielding malicious intent.
Considering this, it is little surprise that data specialists have become a desired asset for a business’s cyber security team. However, not all enterprises can afford to hire such an expert, and a skills shortage is combining with rocketing demand to further challenge the ability of businesses to access the requisite human talent.
While we certainly need to encourage more people to consider careers in cyber security, we also need to recognise that human expertise will only carry cyber security efforts so far. Due to the vast amount of data and the complexity of attacks, many of which are subtle and swift, there is no space for human error or delay.
Computers can perform certain tasks, such as data analysis, much faster and more accurately than a person. When it comes to network monitoring, the shortfall in human ability needs to be compensated for with digital tools, the best of which on the market today incorporate machine learning.
Machine learning was first defined by Arthur Samuel in 1959 but is currently gaining momentum as technology and algorithms have developed, with successful application recorded in everything from fraud detection to self-driving cars.
A branch of artificial intelligence (AI) described as creating machines that can learn without being explicitly programmed, this powerful intervention is transforming network analytics and proving essential for robust cyber security provision.
Not only can a machine be faster and more accurate than a person, there is also improved flexibility and efficiency in network analytics. These tools analyse the network in real time, live, without human oversight, providing personalised insight and a level of accuracy and speed that is critical as cybercriminals get smarter. They will likely use AI themselves in due course, with some experts suggesting they already do.
By using machine learning tools to continuously monitor traffic, it’s possible to identify patterns or trends that could indicate an attack or help inform strategies. The UK government is using such tools to monitor their Public Services Network (PSN) and protect their (approximately) 7 million users from security threats.
Data monitoring in this way also facilitates the gathering of information to support a prosecution that could be part of a large organisation’s cyber strategy. This should be encouraged – only by reducing the cybercriminals’ belief they are untouchable can we hope to lessen the prevalence of cybercrime.
Adoption in these kinds of tools is set increase as businesses wake up to the true risks of cyber attacks and prioritise their security. Recent research from ABI suggests that such high adoption will see global spending on big data, analytics and intelligence reaching $96 billion by 2021.
AI may come with many issues and complications, but it also offers valuable tools to face down increasingly refined cyber attacks and ensure that our reliance on networks doesn’t do us more harm than good.
Businesses that harness the power of machines to inform, support and enhance their cyber security systems stand a real chance of keeping up with those looking to attack them.
Sourced from Simon McCalla, CTO, Nominet