Security intelligence and analytics, delivered using artificial intelligence (AI) and machine learning (ML), is driving the next-generation cybersecurity market forward. It provides facilities that analyze patterns of threat activity (human and device/machine) and applies automated algorithms and statistical analysis to detect anomalies in the activity patterns of users and their devices. This blend of data collection, monitoring, tracking, and analysis is being widely used to improve threat detection and protection strategies and to help identify many of the external and insider threats that traditional detection tools are likely to miss.
The use of AI- and ML-based behavioral analytics as part of a new wave of security intelligence products and services builds on the successful use of behavioral analysis systems in other business roles, for example to predict usage and buying patterns. However, to meet enterprise threat detection and protection requirements, AI and ML analytics tools must deliver more advanced and automated profiling and exception monitoring capabilities than the previous generations of threat protection tools that they currently work alongside and ultimately need to replace.
Cyber-attacks against business systems continue to increase, and while this mostly involves common techniques that have been seen many times before, there is an increasing ability to deliver higher threat volumes a lot faster. Hackers make use of all available tools in a continuing battle to push past and breach threat protection systems. Using AI and ML techniques that can gather, digest, and process large volumes of threat data, organizations can expect to be in a better position to recognize when hackers are trying to exploit their computer systems, and deal with threats as they occur.
This is an ongoing battle, and the threat protection sector must continue to evolve to stay in the game. One new area of interest involves the AI and ML movement toward deep learning, which is an advanced branch of AI inspired by the brain's ability to learn and retain information. Recently available forms of deep learning are now being used to detect cyberthreats as they occur using instinctive prediction capabilities. However, one remaining problem for the cybersecurity industry is that the new technology has a high skill barrier to entry, as the capabilities required to set up and maintain such complex neural networks are extremely high.
The increasing use of AI and ML techniques has begun to improve cybersecurity threat detection and response levels. The use of deep learning algorithms is the next step forward as we look to further improve the standards of cyberthreat detection. The requirement is not to rebuild the layered protection approaches of the past, but instead to remodel and deliver products and services that genuinely improve on what is currently available.
Straight Talk is a weekly briefing from the desk of the Chief Research Officer. To receive this newsletter by email, please contact us.