Automation in Cybersecurity: 2019
By: James Azar
The WannaCry and Petya ransomware really shook us all to the core. The cyber security community realized that hackers were on their way to perfecting automated cyber-attacks. They use machines and AI (artificial intelligence) to search through database and website vulnerabilities and automatically put in malicious code to locate their victim.
The whole process could in fact, be automated to the point that hackers would be making serious money in their sleep. Cyber hacking is on the verge of becoming the cutting edge of the millennial entrepreneurship bubble.
What happens now?
IT chiefs met in Sydney recently to discuss how to best mitigate security risks by automating processes and systems.
James Sillence, a senior engineering manager at Juniper Networks, has stated that they’ve known for a while that hackers are using machine-generated processes to conduct attacks. He argued that “If our response to that kind of attack requires human intervention, it becomes inevitable that at some point we will succumb to an attack.
In today’s internet, what’s imperative for a robust cyber security posture is a machine-based, automated response to a machine-based, automated attack”. In other words, let’s fight robots with robots.
Another major issue within the automation war, is that technology is improving so rapidly that it’s increasing difficult for security professionals to catch prior to or as the events are taking place, so there is a great lack and need for experience in the field.
Unfortunately, due to the fast-track of todays cyber-security landscape, putting a human in slows down the process to the point of being dangerous, events have already happened and we are literally left analyzing what happened and how, rather than attacking the problem – head on.
Hence the serious advantage of fighting cyber crime with automation, where defenses can be added pre-event, suspicious traffic can be diverted, quarantined and handled without skilled security professionals having to lift a finger. This allows the professionals more time and effort to be diverted to policy and compliance.
In a cyber-security job market that is currently seriously understaffed, this will be a crucial turning point in the years to come.
So, what should security companies and departments automate?
There are a few things that they could start with. Automation would help increase the frequency of deployment cycles, speeding up any technology updates that are required for added protection.
Another area to automate is scripts. Sometimes the machine waits for human intervention or for a person to make a decision, instead, all of this could be automated to drastically decrease exhaustive wait times.
Another great service that companies could use is security companies that use AI and machine learning to quickly learn all the possible new threats out there. Companies like Cylance, CrowdStrike, Vectra Networks and Darktrace are raising millions of dollars to create the best AI security services.
As more and more companies switch to cloud computing service providers like Amazon Microsoft, and Google, people are looking to these tech leaders for increased security and they will have to provide.
A Promising 2019
AI will most definitely improve computer security and thwart the next wave of ransomware and other creative hacker inventions. Looking forward to brighter, more secure year ahead.