Home Health Talent and creativity are not enough: cybersecurity automation arrives against crime

Talent and creativity are not enough: cybersecurity automation arrives against crime

by admin
Talent and creativity are not enough: cybersecurity automation arrives against crime

Four million security experts aren’t enough. It would take just as many to protect an increasingly digital world. However, the time needed to prepare these experts will always be too long compared to the needs of an exponentially growing market and for this reason new strategies are being explored. cybersecurity automation to be added to the existing ones.

Hacker

Italy has a national cyber security strategy

by Arturo Di Corinto


The digital New World is in fact more fragile than we think: it was not designed to be safely inhabited. Cyber ​​attacks, databreach and malware put banks and telecommunications at risk every day, the reliability of the connected home, the car that drives itself, even the success of a surgery. The criminal hackers they multiply and organize themselves into professional unions, ready to strike wherever there is a profit to be made.

“Changing passwords” and the (useless) obsession with cybersecurity

by Andrea Monti



Automated tools such as Siem and Soc, Edr and Xdr, are no longer enough for the prevention of cyber risks, and even the framework zero trust and the approach cybersecurity by design they must be integrated and improved. There are too many potentially risky events generated every day by the digital explosion that together with wars, pandemics and innovation force us to rethink the security of nearly 5 billion users, millions of lines of software code, thousands of critical servers, and all. the microcomputers of the Internet of Things which will soon reach 80 billion.

Safety

Hacking a satellite is easier than you think. And that’s not good news

See also  More controls on post visibility and advertising: Facebook's news for privacy

by Giuditta Mosca



The adoption of “hyperautomation” techniques based onartificial intelligence e machine learning however, they can enhance the potential of cybersecurity automation, with a wide range of uses in every phase of the protection of software, infrastructure, devices and hardware to “reduce the need for human intervention, accelerate response times and the timely identification of safety issues”.

This is stated by a study of Reply where the company, a leader in the sector, explores the emerging threat landscape to promote “intelligent” security and bring the problem to the direct attention of management. With the aim of better understanding current cybersecurity trends, the Italian company has used Reply Sonaran artificial intelligence-based tool developed jointly with the German Research Center for Artificial Intelligence, DFKI, to analyze over 50 million articles from leading professional media, scientific journals, patents, articles and B2B content platforms.

The study focuses on the main Reply markets, presented in two clusters: the first, Europe-5, which includes Germany, Italy, France, Belgium and the Netherlands and a second, called Big-5, which includes the United States, China, India , Brazil and the United Kingdom. With the collaboration of Pierre Audoin Consultants (PAC, Teknowlogy Group) it compares the “software” and “services” segments in four main cybersecurity automation domains: application security, endpoint detection & response (Edr) ed extended detection & response (Xdr), Internet of Things security and data security. The data uses 2021 as a baseline and projects investments until 2026.

And he comes to a first conclusion: the global cybersecurity market will grow to 300 billion euros over the next five years. Reason? According to Allianz Global Corporate & Specialty, cyber incidents are perceived as the most important business risk in 2022.

See also  Covid, it is confirmed: vaccinated people have lower viral load (and therefore infect less)

Protect data and manage insecurity

Penetration testing, vulnerability remediation, and dynamic application testing are emerging as development areas for automating and integrating AI into the application development lifecycle. Investments in application security automation are expected to grow significantly, reaching € 669 million in the European market (Italy, France, Germany, Belgium and the Netherlands) and € 881 million in the Big-5 market by 2026. .

But this also applies to data discovery, data classification, encryption, identity management and data access, which have become essential investment areas for protecting sensitive data from exfiltration and misuse. These sectors will triple their market share between 2021 and 2026 in the Europe-5 and Big-5 clusters, according to Reply, going from 251 to 915 million euros and from 1.2 to 4.4 billion euros respectively. With the contribution of tools based on artificial intelligence such as User and Entity Behavior Analytics (Ueba) to further prevent unauthorized access to sensitive data.

Carelessness in adopting adequate data protection measures can lead to data breaches with enormous consequences: the penalties provided for by the GDPR, the reputational catastrophe and a competitive setback compared to competitors, including the loss of one’s talents and the costs of remediation and communication .

However, as emerged in a previous research, “Hybrid Work”, companies are responding with a significant recovery in investments in the end-user device security market, with an expected growth of 34% in the Europe-5 cluster and 45% in the Big-5 countries (2025 vs. 2020). Also for this reason, a quarter of cybersecurity professionals are now pursuing professional development in AI / ML.

Vulnerable artificial intelligences

There is one though: AI and ML open up new vulnerabilities that attackers can use to access critical systems and data. The future of cybersecurity will increasingly be AI versus AI. Malware is more evasive, pervasive and scalable and then there is the significant vulnerability of artificial intelligence systems which, once infiltrated, can be re-trained by cyber raiders and be exploited as a weak point for companies that do not implement it securely.

See also  Five super foods that help clear arteries and lower bad cholesterol

Cyber ​​attacks on artificial intelligence systems can be divided into two categories: attacks at the time of training which include poisoning or backdoor attacks; the second, attacks at the moment of inference, include evasion attacks, model theft and data mining. Hence, an attacker can poison the data set, algorithm, or model itself.

There is no one-size-fits-all defense algorithm and there is no theoretical method to ensure the defender’s advantage. Even a well-defended AI model can be attacked again, hence the need for a strong security approach by design during the AI ​​development and operation processes.

Based on its experience, Reply says in the research, it has defined a framework called “Pervasive Security”, which includes procedures, tests and controls that should be considered at each stage of the development life cycle (DevSecOps) as standard. Fully implementing AI-powered security automation can also reduce the cost of a data breach from $ 6.7 million to $ 2.9 million and reduce the time it takes to identify and contain the breach (IBM, 2021 ). The new approach to data management known as DataSecOps and DevSecOps are, in short, the future of cybersecurity, obviously together with an army of trained, motivated and well-paid programmers and analysts.

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy