Artificial intelligence provides a solution for better cybersecurity thanks to its ability to look for subtle changes in the behaviours of network users, new research has suggested.
AI and cybersecurity company Darktrace conducted research with IDC to identify the key challenges facing cybersecurity professionals operating in increasingly noisy cybersecurity environments, and the report outlines recommended solutions to bolster cyber readiness.
IDC surveyed 300 organisations across the US and Europe, spanning multiple verticals, including financial services, transportation, and healthcare. The report - Building the Case for a Virtuous Cycle in Cybersecurity - revealed the key challenges facing most of these organisations concerning the ability to effectively prioritise and contextualise the large amounts of data organisations get from several cyber security alert systems, as well as identifying the key actions necessary for effective mitigation of threats and vulnerabilities.
The study's findings include:
- Evolving attack vectors make it difficult to prepare proactively, with only 31% of respondents highly confident that their tools can continuously adjust to new configurations
- There is a lack of dynamic testing capabilities, as 65% of participants agreed that pen testing provides only a snapshot in time which is of limited value as it quickly becomes out of date
- While 76% of surveyed professionals thought visualising attack paths were of moderate or high importance, only 29% were highly confident they had a robust mechanism to test their environments against the most current threat vectors
- The number of organisations that can continuously run preventative exercises such as pen tests and attack surface evaluation is between just 24% and 31% across all sectors
The IDC InfoBrief calls for the adoption of a 'virtuous cycle' model as a way of closing these critical security gaps, incorporating prevention, detection, response, and healing. It calls for "a multipronged approach that includes establishing a security posture and proactively managing the access and assets, monitoring what is happening in the environment, and ensuring a fit-for-purpose remediation approach including backup and disaster recovery".
The study also highlights AI as the solution for improved detection and response capabilities and continuous monitoring, as well as playing an integral part in the 'virtuous cycle', citing AI's ability to look for subtle changes in the behaviours of entities within a network.
"It's clear from this study that organisations need to adopt a holistic approach to improve their readiness," says Christopher Kissel, Research Vice President of IDC's Security and Trust Products. "The solution is to create a virtuous cycle, leveraging AI to create an ecosystem across an entire organisation able to continuously stress-test environments, give an instantaneous response, and determine if remediation is working."
"Security teams don't need more data, they need clear prioritisation and intelligent automation to lighten the load, and this report sets that out in concrete terms," says John Allen, VP of Cyber Risk and Compliance at Darktrace. "Security professionals are overwhelmed with vulnerabilities, and they can't get to them all in time. At Darktrace we're committed to delivering an AI Loop that can provide continuous visibility, prioritised into meaningful actions for security teams, and harden weak points. That's how we're helping security teams get proactive."
Darktrace PREVENT is the third of four product families in Darktrace's Cyber AI Loop, including Darktrace DETECT and RESPOND. The final part of Darktrace's Cyber AI Loop, Darktrace HEAL, is due to be launched later this year.