With the ever-increasing connectivity of the world, whether personal or business, there has been an increased risk of cyberfraud and cyberattacks. While technology is always improving, unfortunately so are the hackers’ own technologies and skills. However, innovations and solutions are always being developed to stay one — or more — steps ahead of cyberattackers.
The rapid rate of digitalisation today and an ever-expanding cyberthreat landscape have created a pressing need for effective cybersolutions, says Dani Michaux, EMA cyber leader at KPMG. “We see our clients daily looking to simplify their search for these solutions and seeking to streamline their product comparison processes, saving them time and money.”
The attack surfaces in today’s organisations are becoming larger, and continuing to grow and evolve rapidly, says Jaap Meijer, chief cybersecurity & privacy officer, Huawei Western Europe. “Depending on the size of the organisation, there are very large data sets that need to be analysed to accurately assess the risks. Given these large data sets, analysing and improving cybersecurity posture cannot be handled by humans alone. In response to this challenge, Artificial Intelligence [AI] based tools for cybersecurity have emerged to help information security teams reduce breach risk and improve their security posture efficiently and effectively.”
However, amid this gloom there are some silver linings — for those interested in the development of technology, at least, with Hannah Twomey, senior manager, Accenture, in Ireland’s security practice, believing that as a consequence of increased cyberattacks globally, there is greater focus and investment in cybersecurity, making it an exciting time for technology innovations.
“One area where this is particularly relevant is security operations. Increasing innovation through artificial intelligence and automation will be hugely valuable to these security operations teams as it provides better insights into their network and also automates responses to these events where appropriate.
She says that companies in Ireland are already starting to adopt Security Orchestration, Automation and Response (Soar) and User & Entity Behavioural Analytics (UEBA), but as these capabilities mature the value will be exponential.
Prevention is better than cure
Aanand Venkatramanan, head of ETF EMEA at LGIM says that the cyber industry is always evolving to ensure that new vulnerabilities are covered. “One important way to ensure continuous cybersecurity screening is through threat management and continuous monitoring. Detection, response and containment of attacks are essential to avoid operational damage. The faster an attack is detected and contained, the less impactful it is likely to be.”
Technology innovations
Twomey says digital twin technology uses data and artificial intelligence to simulate physical and virtual environments so that organisations can identify the risks and impacts of, for example, ransomware attacks or a data breach. It is being used lightly in some organisations but there is huge value to be gained from increased adoption in the future. The use of digital twin technology will revolutionise how organisations approach threat modelling, cyber resilience and prioritisation within their cybersecurity programmes as it provides actionable tailored insights.
AI for security will be used in support of existing defence mechanisms as they are making use of the data generated by these defence systems, says Meijer. “One could be looking at defence layers on assets, identity and access management, log files from firewalls, unexpected data flows, etc.”
Selecting the best defence
“Cybersecurity product selection is daunting,” says Michaux. With so many different solutions on the market, cyber leaders are spending increasing amounts of time trying to understand each product to work out which is the best for their business and discover how to integrate them into their different environments. Selecting the right products is complex because it’s not just about what solutions do what, but also how they work together to protect your business.
“There’s nothing worse than spending time reviewing a solution before realising that it’s not compatible with key elements of your IT infrastructure. That’s why it’s essential to ensure that any new solution you onboard is compatible with your existing infrastructure and that replacing any existing product will not have any negative knock-on effects.”
Future innovations
In the future, AI will take over more tasks from human cybersecurity specialists, believes Meijer. “A cyber-attack often involves high time pressure. You have to make decisions quickly. ‘What is going on? What should we do?’ You will see AI and machine learning slowly popping up in so-called ‘decision support’, and hence take a role in the decision-making process. AI will also play a bigger role in problem-solving.”
Technologies are being developed that will allow software to mitigate vulnerabilities by itself once they have been discovered, he says. “Such technologies will in time be able to provide higher levels of resilience to organisations and networks. AI will be very much a support to the cybersecurity professional providing him/her with real-time information and help by navigating the best way forward.”
However, while it can be fun to always look at the newest and shiniest technologies in the market, sometimes the answer to mitigate risks may be closer to home. “Tooling optimisation through platform integrations, maturing the operating model and introduction of automation can be very impactful, time efficient, cost-effective [compared to deploying a whole new tool], while mitigating an organisation’s cybersecurity risks,” says Twomey.