AI strategies must become beating heart of security measures

Artificial Intelligence-enabled strategies must become the beating heart of security measures, if organisations wish to protect their identities, both human and machine, from evolving cyber threats, after the National Cyber Security Centre revealed that it had issued 34 million cyber alerts in the past year alone.

The agency’s NCSC Annual Review 2022 report, published this week, details its progress in helping to turn the UK into one of the world’s safest places to live and work online.

Among efforts to improve cyber-resilience for UK organisations is the Early Warning service, which has provided subscribed users with 34 million alerts about attacks, compromises, vulnerabilities or open ports over the past year. 

According to the report, at the end of 2021 there had been a 42% increase in users of the Exercise in a Box service; a 37% increase in users of Web Check; 46% decrease in fake government scams; and a 23% rise in the number of organisations using PDNS.

Steve Bradford, Senior Vice President EMEA, SailPoint, said: “34 million cyber alerts in the past year shows just how relentless cybercriminals are in their pursuit of sensitive information.”

Cyber attacks on the rise and increasing in sophistication

“Ransomware, phishing and targeted social engineering attacks are all on the rise and increasing in sophistication. But many of these, at their root, come down to some sort of compromised identity, with user access points often targeted.”

Cybercrime presents a major risk to global prosperity in the Fourth Industrial Revolution. As these attacks grow in volume, AI not only supports under-resourced analysts but also provides a wide range of protection from malicious attacks.

IBM Security’s recent Cost of Data Breach Report founds the global average cost of a data breach has reached an all-time high of US$4.35mn for surveyed organisations.

Breach costs have increased by nearly 13% over the last two years, according to the report, and findings suggest these incidents may also be contributing to rising costs of goods and services. 

AI fighting spam, phishing and malware

By basing algorithms on understanding and recognising patterns from enormous piles of data, companies can create a system that can identify unusual behaviour and anomalies. By using data analysis and this algorithm, AI can identify spam and phishing emails by taking into account the message content and context when looking for anomalies and warning signals.

Malware is an actively growing threat to cybersecurity, but AI empowers company defence strategies to grow with it. As each sample of malware passes through the model, the AI becomes stronger. Deep learning AI has enabled companies to optimise their malware protection strategies by increasing the quantity and accuracy of the data it analyses. 

“The NCSC’s early warning service has already made a huge impact when it comes to bringing threats to the attention of UK organisations,” adds Bradford. “But leveraging AI-enabled identity security helps them be in the drivers’ seat. Clearly seeing, understanding, and managing who has access to what, and why, and then properly securing that access, can go a long way in avoiding a breach or compromise. Given how prevalent these attacks are today, businesses should put identity security at the core of their security efforts.”