Autonomous IT: Less Reacting, More Securing

Keeping data secure requires a range of skills and perfect execution. AI makes that possible.

Artificial intelligence (AI) is a game changer in fighting cybercrime and defending data, and it can be decisive in turning the tide against hackers, thieves, and saboteurs of critical data. While IT systems use many automatic processes, they largely operate without any real awareness of the IT environment around them. However, 2020 will be the year when more companies reap the benefits of AI-powered autonomous systems.

On the tech side, this is partly because cloud computing has driven availability of affordable and reliable computing, storage and networking that make the application of AI affordable. That technological firepower along with the emergence of massive datasets to feed models now make AI a realistic option for applications including self-driving cars, factory gear, retail recommendation engines, truly helpful business chatbots, and the like.

People see these AI applications maturing at work, and that success stokes confidence that AI can solve real problems, driving still more demand. Autonomous IT is like the aforementioned self-driving car — not just spotting the pothole in the road, but changing lanes to avoid it. Unlike first-generation AI systems, which spot problems, second-generation autonomous systems act on the patterns they see. A Gen 1 AI might evaluate network traffic patterns to spot unpatched systems, but it still requires a human administrator to step in and schedule a patch. Gen 2 autonomous AI will not only spot the unpatched system but also take proactive action to apply an update, only informing an administrator after the problem is solved.

There are four areas where the rise of autonomous systems will soon have the most impact:

  • Scaling security: Autonomous systems will help people deploy and maintain IT environments at large scale. With the number of Internet-connect devices expected to jump from 8 billion in 2019 to 41 billion in the next eight years, security at scale will be a central challenge for future security specialists. Autonomy helps by making such work not only faster but also more consistent and better aligned to organizational information security policies and priorities.

  • Shrinking the talent gap: With global cybersecurity workforce shortages projected to reach 3.5 million people by 2021, freeing up cybersecurity talent for more important tasks is essential for improving security. As autonomous IT takes a bigger role in patching, configuring, and managing the complex hardware and software that underlies most systems, IT professionals will be able to focus on more strategic efforts. Even better, as autonomous systems work consistently and tirelessly, they can help prevent many of the human errors that threat actors can exploit.

  • Less reacting, more securing: Depending on what industry you're looking at, the average time it takes to remediate a breach once it's been detected is between 112 days and 447 days — or 3 to 14 months of potentially critical exposure. As autonomous systems handle more of the nitty-gritty collection and analysis of network traffic and data, people will be freed from combing network logs to do high-level, complex system analytics. With more time to do analysis, and more context around the data they are analyzing, security specialists will be able to spot and address more sophisticated threats while shortening the response timeline.

  • Making insiders less threatening: Corporate insiders who misuse their access to steal or manipulate data represent one of the most persistent, and difficult, cybersecurity problems. This kind of attack usually uses root access to system that was granted to support basic IT administration and management. As autonomous systems perform more of this work, and people focus more with broad-based system analytics, fewer people will need such direct access, reducing the opportunities for abuse.

Facing the Cyber Dangers Ahead
Keeping data secure requires a range of skills and perfect execution. Given the complexity and volume of threats facing IT systems, human defenders need insights into the changing threat landscape. With that knowledge and preparation, combined with the sophisticated AI and machine learning technologies, organizations will be best able to contend with expanding and accelerating threats.

Related Content:



Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.

Recommended Reading: