Story image

Why AI and behaviour analytics should be essential to enterprises

Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors in their tracks. Automation should be a central pillar of today’s cyber defence strategy, letting security professionals beat cyber criminals at their own game, according to Palo Alto Networks.

Palo Alto Networks A/NZ director of systems engineering Philip Dimitriu says, “Cybercriminals are using the scalability and flexibility of the cloud to reduce their costs and change their attacks in milliseconds, making it impossible for organisations to protect themselves using human reactions alone. 

"As well as an increasing pace of automated attacks, cybersecurity teams suffer from a well-documented skills shortage that makes it untenable to simply throw more human resources at the problem. Furthermore, humans can’t react quickly enough to automated adversaries, so it’s essential to automate the response to be effective and to raise the cost for attackers.”

Behaviour analytics is a type of artificial intelligence (AI) that can overcome these challenges. By analysing all the different behaviours in an organisation and triggering alerts when out-of-character behaviours occur, it helps organisations automate attack detection and streamline responses. This can help make up for a lack of advanced capabilities within the team as well as save on cybersecurity costs.

There are four key benefits of using behaviour analytics in a cybersecurity strategy:

1. Cost savings: Security operations typically come at a high financial cost. Using behaviour analytics instead of adding more human resources to the team helps save on costs while increasing visibility into security operations.

2. Effective prioritisation: Cybersecurity professionals are constantly faced with separate high-priority issues. Behaviour analytics can help separate the issues that are genuinely high-priority from those that don’t require immediate attention.

3. Better resource allocation: When security teams gain a better understanding of what’s a high priority and what isn’t, they can better allocate the appropriate resources to combatting attacks versus innovation and executing on strategy.

4. Faster response times: When humans must manually analyse incidents and execute the incident response protocol, it can take time. Automated responses powered by artificial intelligence and behaviour analytics can dramatically shorten incident response cycles.

Dimitriu says, “It’s pointless taking a human to a computer fight. Organisations must fight automated processes with automated processes. This means using AI to help with data collection as well as planning, actioning, and tweaking incident response. Organisations need to integrate security technology into a common architecture, integrating AI tools into common operating platforms to achieve centralised visibility.

“An AI response works well when an analysis is quick and gives a definitive, accurate rating of an incident. It is much less effective when an analysis is slow or delayed, doesn’t identify malicious activity, or delivers too many false positives. Cybersecurity teams should, therefore, only automate responses to behavioural analytics alerts after baselining the organisation and confirming the same response will be correct 100 per cent of the time, based on past experience and context of situational requirements.”

Chillisoft rounds out portfolio with file integrity vendor
Tripwire is the fourth vendor for Chillisoft in six months, adding critical security controls, vulnerability management and file integrity monitoring.
ESET researchers break down latest arsenal of the infamous Sednit group
At the end of August 2018, the Sednit group launched a spear-phishing email campaign, in which it distributed shortened URLs that delivered first-stage Zebrocy components.
Google 'will do better' after G Suite passwords exposed since 2005
Fourteen years is a long time for sensitive information like usernames and passwords to be sitting ducks, unencrypted and at risk of theft and corruption.
Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Optic Security Group celebrates Axis accolade
Auckland-based business security systems provider Fortlock has picked up an award at Axis Communications’ annual Oceania Axis Partner Summit 2019.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.