Will COVID-19 Spur the Shift to AI-First Cybersecurity?

October 28, 2020 - 9 minutes read

A programmer is browsing the Internet in smart phone to protect a cyber security from hacker attacks and save clients confidential data. Padlock Hologram icons over the typing hands. Formal wear.

When the COVID-19 pandemic caused the workforce to start working from home, cybersecurity became a big challenge for many companies. The worldwide shift to remote work had major implications for security in enterprises.

At many of these enterprises, their security solutions were outdated, patched-up, and cheap. Millions of network connections became dangerously vulnerable almost overnight. Unfortunately, hackers were already ready to pounce on these opportunities.

Security Holes Can Sink a Company

The pandemic has taxed employees and enterprises alike; security systems that were already low on fortification were exposed to show previously-undetected vulnerabilities. It didn’t matter if the company had invested large sums of money into their security platform. It did matter, however, if the company had become lax and reactive rather than being proactive and up-to-date.

Because successful cybersecurity hacking attempts can bankrupt a company and endanger employees, there’s a lot riding on having a strong security platform for companies. For any future events that shake up the way the world operates—and there will be such unexpected events—organizations that take a proactive approach to cybersecurity will be the ones who come out on top. Enterprises who take the band-aid approach to cybersecurity will be left behind, or worse: become unwillingly bankrupt.

Shodan, an internet-indexing service, saw a 41% increase in remote desktop brute-force attacks in mid-April, just two weeks after U.S. workers shifted to remote work. What’s more concerning is that 71% of security professionals have reported a steep rise in security attacks and threats since the pandemic hit the U.S.

Cyber Attacks: Remote Workers vs. Office Workers

It’s easier to control security protocols when all (or most) employees are logged in at the office and working on the office network. When we introduce the element of millions of people using new networks, some of them changing networks repeatedly (digital nomads, visiting friends and family, working at coffee shops), it becomes more difficult to control network security.

Another factor that contributes to an increased chance for cyber attacks is the “bring your own device” (BYOD) trend, where companies let their employees, third-party vendors, and visitors access their IoT network with their personal device. On the opposite side of the BYOD trend is companies who issue company devices that can be more secured by the company, even if the employee uses a non-company network. Employee laptops and devices should be hardened, which refers to layering multiple forms of security, firewall, and network security on each device.

Cyber security data protection business technology privacy concept. Young businessman select the icon security on the virtual display.

According to Morphisec’s Work-from-Home (WFH) Employee Cybersecurity Threat Index, 56% of workers use their personal computers to access their company’s network. 25% of remote employees don’t understand network security protocols. And 25% of WFH workers have spotty Wi-Fi, which greatly limits the efficacy of antivirus programs.

The data is showing us that traditional security methods don’t work in a “non-traditional” world, and we’re going to need to move very quickly to fill the gaps before attackers make their way through them. And artificial intelligence (AI) applications in cybersecurity can help us do that.

An AI-First Approach for Cybersecurity

DARPA (the Defense Advanced Research Projects Agency), the U.S. government’s research and development agency, has dubbed a new type of AI as “Third Wave AI”. COVID-19 has made Third Wave AI necessary for companies. This type of AI identifies malicious and abnormal behavior within a company’s network, and it does this with the understanding that there has been a shift from historical procedures and network data.

Third Wave AIs can constantly adapt their baseline to get an understanding of what’s currently happening, and it’s a needed security enhancement. The fact of the matter is that humans just can’t handle this rapid change fast enough. For example, at the beginning of the pandemic, many security systems went haywire and sent security employees thousands of false alarms in one day. That number of threats is impossible to comb through with efficiency.

There’s no faster way for an organization to right its security wrongs than to invest in an AI-first cybersecurity platform. An AI-first approach helps companies stay up-to-date with known attackers, types of attacks on the rise, and possible network changes before a hacking attempt.

Enhancing AI security platforms with behavioral analysis further strengthens the AI’s accuracy rate. Even if a possible attack hasn’t been seen before, Third Wave AI can use traffic pattern anomaly detection mechanisms to detect brand new attacks. AI-first cybersecurity systems can also rely on machine learning applications to solve for “fuzzy” problems, like anti-malware protection.

AI-First Cybersecurity Platforms

If your company is ready to use an AI-first security solution, be prepared to dive into a cluttered and misleading marketplace of offerings. Many “AI security solutions” work off of rule-based interventions, rather than actual AI. These types of pseudo-AI solutions require a lot of constant human interaction and input, whereas a self-supervised AI system would require input occasionally. As long as you’re cognizant of these issues in the marketplace, you can protect yourself and your company from harmful platforms that effectively reverse any progress you’ve made in improving your cybersecurity.

Hand using digital tablet with glowing circuit open lock hologram. Business and security concept. Multiexposure

You must look for an adaptive, flexible, AI-enabled system that will recognize changing behaviors and baselines and act accordingly, without requiring constant human attention. This will reduce the need to hire even more security professionals, especially in this economic climate. Real AI-first security systems are much more accurate and speedy than humans could ever become.

Merritt Maxim is the researcher director for security at Boston-based analyst firm Forrester. He says that, as with everything, it’s important to not rely completely on AI and machine learning, but that these tools can be optimized greatly with regular human evaluation.

The Future of Cybersecurity Is AI-First

It’s imperative for companies to be proactive and up-to-date on their security systems. If you’re wondering how to better manage your enterprise’s cybersecurity protocols, look no further than an AI-first security platform. Modern-day cybersecurity issues require modern solutions, and this simple addition to your security arsenal could ensure your company makes it through the pandemic and beyond, while your competitors fall to the wayside.

Tags: , , , , , , , , , , , , , , ,