How AI and Human Intelligence Team Up to Save Businesses from Cybercrime?

By Jaipal Kolapurath, VP & Regional Head – India (West), Paladion Networks

The cost of cybercrime will reach USD 6 trillion each year according to research firm Cybersecurity Ventures. Cybercriminals today are using sophisticated ways to attack individuals and organisations. Not content with yesterday’s indiscriminate malware attacks, hackers are doing their own research to pinpoint precise vulnerabilities and exploit them.

For example, one of the vectors attackers employ is to exploit the difficulties C-level executives have in communicating when on business trips. Using so-called whaling emails, they trick subordinates into making unauthorised transfers of funds to the hackers’ accounts. They painstakingly map out the internal structure and operations of an enterprise. They then enter by stealth and position their own software to take over enterprise systems. They also use malware that can continually change its form to avoid detection or wait until conventional security checks are completed before swinging into action.

How do we address this mammoth challenge? Purely relying on people to solve the problem is not the right way forward. There is already a shortfall in the number of cybersecurity experts in the world. By 2021, there will be an estimated 3.5 million vacant cybersecurity positions globally says a Cybersecurity Ventures report. The cybersecurity teams that exist must deal with huge quantities of cybersecurity information and alerts generated by IT systems and networks. Can they really find the nuggets of information about cyberattacks in the tons of cyber dross? The answer, in my opinion, is to employ Artificial Intelligence.

How Artificial Intelligence Can Help

Jaipal Kolapurath VP & Regional Head – India (West) Paladion Networks

Traditional cybersecurity systems can still do a sizable part of the work and should be considered in any cybersecurity plan. However, they are often limited to applying pre-defined rules to detect cyberthreats. They may fail to detect malware that morphs. They may miss hackers manoeuvring in enterprise systems to prepare for data exfiltration. They may even not be able to see careless or malevolent employee actions concerning data handling and system usage.

Artificial intelligence holds the key to addressing many of these challenges. Instead of a rigid, robotic approach to checking security, AI can adapt to changing situations. It can draw smarter conclusions based on probabilities instead of basic yes-no checks. Machine learning algorithms train computer systems to identify patterns in data and spot outliers, which are those items that do not fit into established patterns. Cyberattacks are outliers. They do not fit in with the normal daily activities of an organisation. Machine learning can be used to pick out indications, even very subtle or isolated ones, that point to a foul play that may be underway.

Computer-powered AI can function as fast as the computer processor will allow. As microchip processing speeds continue to rise, AI systems can sift through ever growing volumes of data more rapidly. Not only do they surpass human ability in terms of volume and speed, but they are also more reliable. They do not suffer from the ‘cyber blindness” and the ‘alert fatigue’ that affect humans. If there is an attack needle to be found in the cybersecurity haystack, AI can find it.

AI Still Needs HI to Provide Effective Cybersecurity

Artificial intelligence does not replace human intelligence. Human experts are still better at factoring in considerations like business goals and regulations and in deciding which is the best overall response to a cyberthreat. Human intervention is also needed to train systems using machine learning, telling them which results to look for or correcting conclusions reached by the systems. As an AI system works with more data over time, it tends to improve its deductions and results, but HI will continue to be part of the mix.

To conclude, AI provides scalability for security operations centres that traditional approaches cannot. The human skills shortfall will not disappear overnight. Instead, AI overcomes the need for security engineers to pour over screens of security logs and focus on top priority problems instead. All this is good news for businesses and other organisations in a digital age that depends on electronic data and software systems. Artificial intelligence and human intelligence, properly combined is the key to repelling today’s cyberattacks and keeping enterprises secure.