Story image

AI is not the Terminator: Its role in New Zealand's war against cybercrime

15 Jan 18

Article by Exclusive Networks New Zealand general manager Alex Teh 

If you were born in the generation that grew up on Terminator and Matrix movies, you could be forgiven in thinking that we are at the start of the opening of Pandora’s box where the world is going to be taken over by machines and Armageddon is coming.

The use of AI in our everyday lives is becoming more and more the norm. Whether it be AI-driven chat bots organising your financial services, AI driven cameras that can provide facial recognition when moving through an airport or driverless cars being driven by AI

The advancements of AI have permitted the use of machine learning to improve our everyday lives. The world of cybersecurity is no different to this. At present the war on cybercrime is exponentially growing.

Cyber war has no physical boundaries and affects more than one fifth of our population. According to the NCSC, it takes more than 520 days on average for New Zealand companies to detect they have been breached, and we get the second most amount of ransomware attacks in the Southern Hemisphere.

At present we do not have enough cybersecurity professionals who can defend our nation against this onslaught of attacks. Just because we are at the bottom of the world map, it doesn’t make use immune to the fact that cybercrime is now worth three times our national GDP.

In my opinion the use of AI is not only acceptable, it is essential in the battle against cyber criminals. The use of AI will help reduce the amount of data that our human resources need to investigate. Hence reducing the average time and cost of detection to near 0 days.

The use of AI in technologies like SIEM (threat lifecycle management), Network-based APT scanning and endpoint security is already providing better results than legacy products that our companies are still paying maintenance for. Traditional signature-based products are simply not effective as they struggle to keep up with malware code that changes every second.

The use of AI will not remove the need for human resources but change it. We will need more AI developers, more data scientists, more consultants and engineers that can be used for incident response, the hunting and the remediation of malware.

We will also need more people to implement, design and support new technologies. This is where the channel will come into play. As a country, 80% or more of our companies are categorised as SMBs.

This means they don’t have the resources or funds to manage these enterprise solutions. It doesn’t mean there is less of a need for these solutions. The New Zealand market has a very mature partner community that is already providing MSP and cloud services.

Our MSPs have an opportunity to adopt these solutions and provide these products as a service in a pay monthly consumption model. They have the ability to retain more technical staff capable of providing this service in a one to many model making it affordable to deploy these solutions.

Josh Comrie, CEO of conversational AI firm Ambit says, "Bots will replace a great deal of the frontline customer service functionality within institutions. As consumers interact and transact more through bots, they will become comfortable with sharing personal details and financial data. The opportunity for fraud is massive, so using AI for fraud detection and prevention will be pivotal for consumer protection." 

I firmly believe the cybersecurity market in New Zealand will see exponential growth. Countries like Australia are now mandating compulsory disclosure of data loss. The EU has adopted compliance standards like GDPR which allows central government to fine organisations up to 4% of the annual turnover or up to 20 million Euros.

I believe that similar standards will be adopted in New Zealand within five years. As a citizen of New Zealand and a user of public services I do not expect my medical records, my financial statements or my bank and personal details to be compromised and used by cyber criminals and neither should you! It is simply not acceptable that data loss and cyber attacks are swept under the carpet.

Our companies are under an onslaught of cyber-attacks, the CEOs of our public listed companies are being targeted by spear phishing attacks, cyber criminals are comprising their networks and pretending to be the CEO demanding random bills are paid to unknown companies.

DDOS attacks can now be bought on the dark web for as little as $7 a day, the same market place where you can buy illicit drugs, guns or contraband. With the use of crypto currencies these transactions are anonymous and difficult to trace. Our police forces are simply not equipped to handle this kind of crime wave.

It’s worth stating again, the use of AI is essential in the war against cybercrime. I would rather have AI on our side rather than the cybercriminals.

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
GCSB welcomes Inspector-General's report on intelligence warrants
Intelligence warrants can include surveillance, private communications interception, searches of physical places and things, and the seizure of communications, information and things.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."