By Nuno Cândido, IT Operations, Cloud & Security Associate Director at Noesis
The solid digital acceleration of recent years, the increased use of mobile devices, the democratization of Internet access, the diversity of platforms, devices, and networks have made the world more connected, more complex, leading to the progressive degradation of the security perimeter and the need to adopt new tools and solutions.
To further compound the challenge, the COVID-19 pandemic and the consequent adoption of telecommuting has added further difficulty to the information security of our companies.
On the other hand, the shortage of qualified professionals in cybersecurity contrasts with a growing demand for experienced professionals by organizations, increasingly aware of the importance of protecting their infrastructures, data, and systems. The scarcity of these professionals, coupled with the limitations of IT departments that, as we know, cannot devote all their time to the issue of cybersecurity, further exacerbates the vulnerability of organizations.
Finally, the growing sophistication of cybercriminals, the exponential increase in the number of increasingly complex and diverse attacks, and the increasing sophistication of attack techniques. The threats are well present, constantly changing, and increasingly diverse. Machine-to-machine (M2M) attacks, silent, highly personalized, phishing attacks, among others, that traditional security approaches are unable to respond to. The conventional pattern- and signature-based approach, focused on detecting malicious actions and behaviors, is proving to be slow and unable to adapt to these new threats.
This is a pressing problem, which has been, at the same time, a driver of innovation in the market for suppliers and manufacturers of Cybersecurity solutions, who seek to develop solutions that ensure security and, at the same time, optimize the intervention of human resources.
It is necessary to change the paradigm - to look for abnormal behavior instead of focusing on the search for malicious behavior and adopt digital trust-building strategies that involve attributes such as risk, regulatory compliance, privacy, and business ethics.
This paradigm shift will indeed be grounded in Artificial Intelligence at the service of cybersecurity. The forecasts for the next decade are proof of this. According to a study by Trend Micro, artificial intelligence algorithms will be one of the key pillars for the automation of cybersecurity and an answer to the limits of human capacity.
Artificial intelligence is a strong ally in cybersecurity and an essential investment to increase security in organizations and empower the IT teams themselves, removing much of the analysis effort and focusing more on what is critical to the business and the organization's goals.
Analyzing information and eventual anomalies without overloading human resources is one of the perspectives that the assisted intelligence vision allows to achieve. With little effort, it becomes possible to monitor networks comprehensively and thus act in real-time on external or internal threats affecting organizations.
AI-based solutions use technology that makes it possible to analyze behavior patterns in any network, device, or user in an organization, regardless of scale, through AI and Machine Learning algorithms, thus enabling to detect, with high levels of effectiveness, any change in the pattern and therefore identify possible threats much faster.
Based on AI and ML models, this type of assistance is the future of organizations that want to remain at the forefront of technology with security.
Published (in Portuguese) in IT Security
