The number of cyber attacks continues to soar despite heavy spending on security solutions. Today, the computing landscape includes the cloud, traditional networks, and BYOD mobile devices, and the traditional protection perimeters are disappearing.
In addition, cybercriminals are often ahead as they exploit the weaknesses that are increasing with the diversity of systems and infrastructure.
Currently, organizations are spending a significant amount of their IT budget to protect their systems with an array of security products. Most corporates install between 30 and 40 products to protect their network, data, and applications.
Research shows that organizations will spend about $114 billion on security products and services in 2018, which is about 12.4% more than the $101.54 billion spent in 2017, and spending is likely to exceed $124B in 2019.
Despite the increase in spending, most organizations are still vulnerable and exposed to a wide range of existing and emerging threats.
In the recent past, cybercriminals have been developing complex and sophisticated methods to penetrate different types of online systems.
Limitations of existing security products
Challenges of current software-driven approaches include:
- Hackers using complex methods
- Malicious code, programs or attacks do not follow any rules
- Insufficient data to differentiate malware, attacks, and other threats from clean code, data or traffic.
- Disappearing protection perimeter
- Shortage of cybersecurity experts.
Traditionally, security products detect threats by analyzing past incidents, but they do not provide a means to predict or prevent new threats in the future. Further, the number of devices connecting to the internet is exploding, and so are the users, legacy applications and mobile apps. Consequently, the advances in mobile devices, IoT, growth in cloud computing, and other online systems continue to introduce a variety of security challenges.
Most of these devices, such as the mobile phones and tablets that sometimes access corporate networks, may not comply with best security practices and can potentially pose risks, something the hackers know about and are already taking advantage of.
Similarly, the low processing power, storage and memory in IoT sensors often limit the applications they can run. For this reason, sensors, which have the ability to connect to the internet and cloud servers, cannot run comprehensive security software and hence become vulnerable and a favorite target for hackers.
Using AI to shrink the cyber attack surface
Insufficient data, evolving attack methods and hackers who are always ahead are some of the challenges security experts face. One approach is for the cybersecurity companies to stop chasing after the malicious activities, and instead shrink the attack surface.
The companies can integrate AI and ML tools to enforce best practices and harden the security within and around the systems, hence making it harder for attackers to penetrate. This approach involves enabling an automatic understanding of how the applications need to work and respond. If an activity causes the operation to deviate from normal behavior, the security systems should raise a flag and respond to prevent the threat.
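The baseline-and-deviation idea described above can be sketched as follows. This is an added example, not code from the article: the application name, destinations, byte counts and the BehaviorBaseline class are hypothetical, and a simple z-score stands in for the AI/ML model the article has in mind.

```python
from collections import defaultdict
from statistics import mean, stdev

# Constructed sample telemetry (not real data): (application, destination, bytes_sent)
BASELINE_EVENTS = [
    ("billing-api", "db.internal:5432", 1200),
    ("billing-api", "db.internal:5432", 1350),
    ("billing-api", "db.internal:5432", 1100),
    ("billing-api", "db.internal:5432", 1280),
    ("billing-api", "auth.internal:443", 400),
    ("billing-api", "auth.internal:443", 420),
    ("billing-api", "auth.internal:443", 390),
]

class BehaviorBaseline:
    """Hypothetical model: learns where each application connects and how much it sends."""

    def __init__(self, z_threshold=3.0):
        self.z_threshold = z_threshold
        self.sizes = defaultdict(list)  # (app, dest) -> observed byte counts

    def learn(self, events):
        for app, dest, nbytes in events:
            self.sizes[(app, dest)].append(nbytes)

    def check(self, app, dest, nbytes):
        """Return the reasons an event deviates from normal (empty list = normal)."""
        history = self.sizes.get((app, dest))
        if not history:
            # Unknown destination: treat as a deviation, which shrinks the
            # attack surface to the behavior the application actually needs.
            return [f"{app} has no baseline for destination {dest}"]
        if len(history) < 2:
            return []  # too little data to judge volume
        mu = mean(history)
        sigma = max(stdev(history), 1.0)  # floor avoids division by zero
        z = (nbytes - mu) / sigma
        if abs(z) > self.z_threshold:
            return [f"{app} -> {dest}: {nbytes} bytes is {z:.1f} sigma from mean {mu:.0f}"]
        return []

def build_baseline():
    baseline = BehaviorBaseline()
    baseline.learn(BASELINE_EVENTS)
    return baseline

if __name__ == "__main__":
    b = build_baseline()
    for event in [("billing-api", "db.internal:5432", 1250),
                  ("billing-api", "db.internal:5432", 250000),
                  ("billing-api", "203.0.113.7:8443", 900)]:
        print(event, "->", b.check(*event) or "normal")
```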
However, even though artificial intelligence and machine learning can enhance security, there are also risks if criminals use the technologies to compromise the security systems. Preventing cyber attacks requires a combined effort by network providers, web companies, administrators, software developers, and other stakeholders. Finally, business and individual users need to take extra precautions and avoid risky behaviors and practices that make them vulnerable to cyber attacks.