Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

7/28/2020
02:00 PM
Greg Jensen
Greg Jensen
Commentary
Connect Directly
Twitter
RSS
E-Mail vvv
100%
0%

Autonomous IT: Less Reacting, More Securing

Keeping data secure requires a range of skills and perfect execution. AI makes that possible.

Artificial intelligence (AI) is a game changer in fighting cybercrime and defending data, and it can be decisive in turning the tide against hackers, thieves, and saboteurs of critical data. While IT systems use many automatic processes, they largely operate without any real awareness of the IT environment around them. However, 2020 will be the year when more companies reap the benefits of AI-powered autonomous systems.

On the tech side, this is partly because cloud computing has driven availability of affordable and reliable computing, storage and networking that make the application of AI affordable. That technological firepower along with the emergence of massive datasets to feed models now make AI a realistic option for applications including self-driving cars, factory gear, retail recommendation engines, truly helpful business chatbots, and the like.

People see these AI applications maturing at work, and that success stokes confidence that AI can solve real problems, driving still more demand. Autonomous IT is like the aforementioned self-driving car — not just spotting the pothole in the road, but changing lanes to avoid it. Unlike first-generation AI systems, which spot problems, second-generation autonomous systems act on the patterns they see. A Gen 1 AI might evaluate network traffic patterns to spot unpatched systems, but it still requires a human administrator to step in and schedule a patch. Gen 2 autonomous AI will not only spot the unpatched system but also take proactive action to apply an update, only informing an administrator after the problem is solved.

There are four areas where the rise of autonomous systems will soon have the most impact:

  • Scaling security: Autonomous systems will help people deploy and maintain IT environments at large scale. With the number of Internet-connect devices expected to jump from 8 billion in 2019 to 41 billion in the next eight years, security at scale will be a central challenge for future security specialists. Autonomy helps by making such work not only faster but also more consistent and better aligned to organizational information security policies and priorities.

  • Shrinking the talent gap: With global cybersecurity workforce shortages projected to reach 3.5 million people by 2021, freeing up cybersecurity talent for more important tasks is essential for improving security. As autonomous IT takes a bigger role in patching, configuring, and managing the complex hardware and software that underlies most systems, IT professionals will be able to focus on more strategic efforts. Even better, as autonomous systems work consistently and tirelessly, they can help prevent many of the human errors that threat actors can exploit.

  • Less reacting, more securing: Depending on what industry you're looking at, the average time it takes to remediate a breach once it's been detected is between 112 days and 447 days — or 3 to 14 months of potentially critical exposure. As autonomous systems handle more of the nitty-gritty collection and analysis of network traffic and data, people will be freed from combing network logs to do high-level, complex system analytics. With more time to do analysis, and more context around the data they are analyzing, security specialists will be able to spot and address more sophisticated threats while shortening the response timeline.

  • Making insiders less threatening: Corporate insiders who misuse their access to steal or manipulate data represent one of the most persistent, and difficult, cybersecurity problems. This kind of attack usually uses root access to system that was granted to support basic IT administration and management. As autonomous systems perform more of this work, and people focus more with broad-based system analytics, fewer people will need such direct access, reducing the opportunities for abuse.

Facing the Cyber Dangers Ahead
Keeping data secure requires a range of skills and perfect execution. Given the complexity and volume of threats facing IT systems, human defenders need insights into the changing threat landscape. With that knowledge and preparation, combined with the sophisticated AI and machine learning technologies, organizations will be best able to contend with expanding and accelerating threats.

Related Content:

 

 

Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for details on conference information and to register.

Greg Jensen is a Director of Security Strategy at Oracle Corporation addressing the risk and challenges to the hybrid-cloud. He is also the Senior Editor of the Oracle and KPMG Cloud Threat Report and Oracle CISO Report with a key focus on developing cloud security ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
karenwalshjd
50%
50%
karenwalshjd,
User Rank: Author
7/29/2020 | 3:12:27 PM
Deciphering Quality
The most difficult part of investing in AI is the sheer number of products out there. Not only do people still feel there's a "Terminator" quality to AI (not true) the algorithms underlying it are often proprietary which makes purposeful purchasing decisions difficult.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/10/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9079
PUBLISHED: 2020-08-11
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product.
CVE-2020-16275
PUBLISHED: 2020-08-10
A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
CVE-2020-16276
PUBLISHED: 2020-08-10
An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
CVE-2020-16277
PUBLISHED: 2020-08-10
An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
CVE-2020-16278
PUBLISHED: 2020-08-10
A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.