Organisations face a growing number of increasingly complex and ever-evolving threats – and the most dangerous threats are often the hardest to discover. Take the insider threat or stolen credentials, for example. We have seen many high-profile attacks stem from the unauthorised use of legitimate user credentials, which can be extremely difficult to expose.
The perimeter-based model of yesterday is insufficient for the mammoth task of protecting a company’s assets. Instead, we are starting to see a shift towards automation and the application of cloud-based artificial intelligence, which is fast becoming critical in the fight against modern cyber threats.
A recent IDC report predicted that the artificial intelligence software market would grow at a CAGR of over 39% by 2021, whilst separate research from the analyst firm stated that the future of artificial intelligence requires the cloud as a foundation, with enterprise cloud first strategies becoming more prevalent over the same period.
The cloud is, without doubt, transforming security by enabling easy and rapid customer adoption, saving time and money, and providing companies with access to a class of artificial intelligence-enabled analytics that are not otherwise technically practical or affordable to deploy on-premise. Plug-and-play implementation lets security teams focus on their mission instead of spending valuable time implementing and maintaining a new tool.
What is more, when deployed in the cloud, artificial intelligence can benefit from collective intelligence and a broader perspective to maximise intelligence. Imagine incorporating real-world insight into specific threats in real time. This will advance the ability of artificial intelligence-powered analytics to detect even the stealthiest or previously unknown threats more quickly, and with greater accuracy than ever before.
By combining a wide array of behavioural models to characterise shifts in how users interact with the IT environment, cloud-based artificial intelligence technology is helping organisations pursue user-based threats, including signatureless and hidden threats.
Applying cloud-based artificial intelligence throughout the threat lifecycle will automate and enhance entire categories of work, as well as enable increasingly faster and more effective detection of real threats. Take analytics, for example. Hackers are constantly evolving their tactics and techniques to evade existing protective and defensive measures, targeting new and existing vulnerabilities and unleashing attack methods that have never been seen before.
Cloud artificial intelligence is beginning to play an important role in detecting these emerging threats. The technology is proactive and predictive, without the need for security and IT personnel to configure and tune systems, automatically learning what is normal and evolving to register even the most subtle changes in events and behaviour models that suggest a breach might be occurring.
Cloud-based artificial intelligence essentially helps security analysts cut through the noise and detect serious threats earlier in their lifecycle so that they can immediately be neutralised. It provides rapid time-to-value through cloud delivery and promises to eliminate or augment a considerable number of time-consuming manual threat detection and response exercises. This allows security teams to drive greater efficiency by focusing on the higher-value activities that require direct human touch.
Security vendors are deploying artificial intelligence solutions into the cloud to use a wider base of analytics and improve threat detection, writes Ross Brewer at LogRhythm.