By Nuno Cândido, IT Operations, Cloud & Security Associate Director at Noesis
We live in times of strong digital acceleration. On the one hand, the evolution of technology has brought an increase in the use of mobile devices and Internet access has become more democratic, on the other hand, the diversity of platforms, devices, and networks we use makes us progressively more connected with the world.
The digital transformation has increased complexity, leading to a degradation of the security perimeter and the need to adopt new security tools and solutions. To further deepen the criticality of this context, the COVID-19 pandemic, with the consequent adoption of teleworking, added to the difficulty of information security for our companies.
Likewise, the scarcity of talents, of qualified professionals. This digital acceleration and technological changes described above, combined with greater organizations perception on the importance of protecting their infrastructures, data, and systems, has provoked an increasing demand for experienced professionals. The scarcity of these professionals, coupled with the non-inexhaustibility of IT departments, which, as we know, cannot dedicate all their time to the topic of computer security, aggravates the vulnerability of organizations. This is a pressing problem, but it has also been an engine of innovation in the market for suppliers and manufacturers, who seek to develop solutions that guarantee safety and, at the same time, optimize the intervention of human resources.
Finally, the increasing sophistication of cybercriminals, the exponential increase in the number of attacks, increasingly complex and diverse, the increasing sophistication of attack techniques, are a reality, proven by countless reports and even the subject of media increasing attention. Only between February and March 2020, for example, there was an increase of 84% in the number of security incidents reported in Portugal, with an increase of incidents of more than 150% in 2020, compared to the previous year.
Threats are very present, constantly changing, and increasingly diverse. Machine-to-machine (M2M) attacks, silent, highly personalized attacks, phishing attacks, among others, to which traditional security approaches are not able to respond. The traditional approach, based on standards and signatures, focused on detecting malicious actions and behaviors, proves to be slow and unable to adapt to these new threats.
That is why the bet on cybersecurity is increasingly assuming one of the central concerns of organizations. According to the latest study by IDC - Security Market in Portugal, 2020 - Expenditure on information security will exceed 197.3 million euros in 2024, which corresponds to average annual growth of 6.3% between 2019 and 2024. IDC also estimates that expenditure on information security will represent about 4.7% of total IT expenditure in 2024.
It is necessary to change the paradigm - to look for anomalous behavior, instead of focusing on the search for malicious behavior and to adopt strategies to reinforce digital trust, involving attributes such as risk, regulatory compliance, privacy, and business ethics.
And this paradigm shift is closer than we might think. The forecasts for the next decade are proof of that, according to a Trend Micro study, artificial intelligence algorithms will be the fundamental pillars for the automation of cybersecurity, and a response to the limits of human capacity. Artificial intelligence is a strong ally in the service of cybersecurity and an essential investment to increase security in organizations and to equip their own IT teams, removing much of their analysis effort and allowing them a greater focus on what is important, the business, and the objectives of the organization.
Being able to analyze information and any anomalies without the overload of human resources is one of the perspectives that the vision of assisted intelligence allows to achieve. With little effort, it becomes possible to monitor networks completely and, thus, act in real-time on external or internal threats that affect organizations.
AI-based solutions use technology that allows you to analyze behavior patterns in any network, device, or user in an organization, regardless of scale, through AI and Machine Learning algorithms, thus allowing you to detect, with high levels of efficiency, any change in the pattern and, in this way, identify possible threats much faster. This type of assistance, based on AI and ML models, is the future of organizations that want to remain at the forefront of technology safely.
Originally Published (in Portuguese) in IT Insight