Recent breaches show many companies still fail at the absolute basics of cybersecurity. Workplace devices get infected routinely by phishing scams and (often simple) malware makes it through to the corporate enterprise. More worryingly still, organisations take months to spot intruders and once a problem is detected there is often no proper plan in place to deal with the situation.
To counter this, any number of big data crunching, machine learning solutions have popped up to detect threats. These include the likes of Darktrace, Cylance and Vectra Networks which scan the network for oddities. However, the flip side is they also open the door for ‘the bad guys’ using the same techniques.
“It's interesting we talk about the promise of machine learning or AI as an industry but I think it also holds a promise to our adversaries,” suggested Roark Pollock, senior VP of marketing at security firm Ziften, at a recent press and analyst security debate in Silicon Valley. “It's a tool that can be used by both sides and at the end of the day this is potential for a stalemate if we're just using it to play a cat and mouse game.”
This looks likely to ramp up in the near future and Anup Ghosh, chief strategist of Next Gen Endpoint at Sophos believes that we will see a “rapid adoption of machine learning for adversarial purposes” over the next 12 to 18 months’ time.
There hasn’t been too much of this to date added Pollock because “it's so easy for people to get into our networks” as defence is poor. “The easy stuff still works and so we haven't forced them, the adversaries, to have to adopt machine learning or any other advanced techniques to get in.”
The rise of extremely high-profile security breaches is likely to raise the bar higher. This is because every organisation knows they have to remain vigilant. Nobody wants to be the next Equifax. Yet every cybercriminal on the Dark Web wants to continue making their living from corporate theft.
To continue reading this article register now