AI and ML, the next-decade antidote against cyber attacks

Digital transformation means more than digitizing solutions and process. It is about creating a connected, seamless environment with security at the core of its design.

AI, deep learning, automation and robotics technologies all leverage data as the most important asset. This could be data that is coming from various sources, data that is residing in various legacy and cloud locations or AI algorithms creating their own data. IDC predicts that data in the Asia Pacific will increase from 5.9 zettabytes in 2018 to 33.8 zettabytes in 2025, representing 19.3% of all global data. Visibility, seamless flow and security of this data will be a key priority for enterprises in 2020.

Realizing the power of data has also created awareness around its vulnerabilities. Threat vectors are evolving every day with changes in the technology landscape and cybersecurity becoming increasingly complicated. As organizations leap forward in their digital transformation journeys in 2020, three key measures around the convergence of IT and OT, multi-cloud services and automated cyberdefense will be crucial for them to establish cyber resilience.

The convergence of IT and OT security

The operational technology (OT) security products and services market, which addresses legacy industrial systems, is transitioning to more connected platforms and systems with the convergence of IT and OT, enabled by the Industrial Internet of Things (IIoT). While this trend is bringing greater efficiencies and automation, it is also introducing new risks and challenges. Connected OT devices expose potential vulnerabilities within business digital ecosystems, threatening the security of data and impacting business-critical operations.

Identifying potential threats to prevent attacks is going to be the next priority. Powered by huge amounts of accumulated data, machine learning (ML) and artificial intelligence (AL) are set to strengthen threat intelligence capabilities. For example, at Orange Cyberdefense, we analyze more than 30 billion security events and 20,000 individual items of malware each day. Studying the behaviors of these threats helps us predict and protect against emerging attacks.

Multi-cloud security becomes a priority

In constantly evolving regulatory environments, multi-cloud services and requirements continue to grow (often mandated), and securing this cloud sprawl becomes a new challenge. Many enterprises are not aware of the complexities that multi-cloud brings, through a heightened lack of control and visibility over their dispersed cloud estate and resources. They only become aware of the complexity of their cloud environment when an incident occurs.

According to IDC, by 2020, 90% of enterprises will be using a combination of cloud services and platforms. There is no doubt that multi-cloud solutions enhance efficiency and bring scalability and agility. However, enterprises must be cautious of potential vulnerabilities that can emerge from this multi-platform approach. Enterprises can undertake audits to evaluate third-party risks to ensure they are compliant on all fronts, including regulatory and contractual agreements. These agreements become even more important to ensure accountability of the network security.

Automated cyberdefense with AI and ML

Moving beyond baby steps toward artificial intelligence (AI) and machine learning (ML), the human and machine partnership is taking definite form and shape. This partnership will be critical as, in time, cybersecurity may become fully automated. ML is invaluable in supporting human expertise by replacing routine tasks, and AI has the ability to provide advanced detection qualification and analysis alongside remediation. The challenge with automated remediation is to ensure it’s smart enough to make decisions that will curb attacks and not amplify them.

For automated cyberdefense to succeed, enterprises need to bring about some behavioral changes. Once the algorithms have been exposed to enough data and they develop sound cognitive skills, businesses must be ready to embrace this opportunity. The biggest question for enterprises in the automated cybersecurity approach is, whether they are comfortable in delegating the decision-making power to machines for issues pertaining to security.

We urge organizations to capitalize on these emerging technologies as a key focus in securing their digital ecosystem. It is important to place security at the core of the design and planning and to adapt sooner rather than later. The technological advancements will never halt, trust between service providers and customers is essential for secure adoption and implementation of emerging technologies and for succeeding in the era of the fourth industrial revolution.

David Allott
David Allott

With more than 20 years’ experience, David has held cybersecurity and technology leadership roles across Asia Pacific. Currently he is the Head of Orange Cyber Defense, Asia Pacific at Orange, engaging with organizations to build secure digital ecosystems, while protecting their data journey through enriched partner and service offerings. Prior to Orange, he held roles at McAfee and Symantec, working with public and private organizations to address cyber-risk and speaking at industry and media events on global cyber threats and trends. David holds a Masters of Management (International Management) from the Macquarie Graduate School of Management in Sydney, Australia.