itb-au logo
Story image

Bringing a gun to a gunfight: Countering AI-enabled threats

14 Aug 2018
Kai Ping Lew
Share:

As artificial intelligence gains traction, organisations are beginning to find enterprise use cases for the technology.

At the same time, cybercriminals are also finding ways to weaponise the technology to execute more sophisticated attacks at a higher volume.

A report by the Electronic Frontier Foundation found that there are several characteristics of AI that lend themselves well to being utilised in cyberattacks: namely its scalability, the ability for its algorithms to be rapidly distributed, and its ability to exceed human capabilities.

Using AI to amplify cyber threats

AI-enabled cyberattacks can expand existing threats, introduce new threats, and alter the typical character of threats, allowing attacks to be more versatile, effective, and targeted.

As an example, AI could influence email attacks such as spear phishing to become more automated – and it could even eliminate the need for the attacker to speak the same language as the target.

It could also target malware’s behaviour that it becomes impossible for humans to control in a manual way.

In response, security experts have turned to the same technology that makes them so effective to combat these threats.

Artificial intelligence can reduce human effort and lower the time needed to detect, respond to, and recover from cybersecurity incidents.

One organisation focusing on this area is LogRhythm’s with its AI-enabled security operations centre CloudAI.

The integration of artificial intelligence with it security operations centre was aimed at realising the following outcomes:

  • Discerning patterns of known threats, on a global, geographic, vertical, and company basis and detecting in real time every observed instance going forward.
  • Discerning with security and risk relevancy the behavioural shifts across the IT environment that predict and detect with accuracy an active or emerging threat.
  • Enabling organisations to perform effective threat hunting – augmenting what is today an art few can effectively perform or afford.
  • Eliminating false negatives with a very low false positive frequency, and present alarms with real time risk context in support of detecting and neutralising threats early in the kill chain.

AI in security applications

User and entity behaviour analytics (UEBA) is a perfect application for machine learning as long as the necessary security context is available for understanding the significance of each anomaly.

Gartner defines UEBA as profiling and anomaly detection based on a range of analytics approaches, usually using a combination of basic analytics methods.

Machine learning can make UEBA considerably more effective for the following reasons:

• Machine learning can handle the volumes of data to be analysed and the environment to be understood. This includes being able to incorporate many types of data sets, from network traffic patterns and application data to records of user authentication attempts and user access to sensitive data.

• Machine learning-driven UEBA is well suited for identifying “qualified” threats—those that are legitimate and require action. Machine learning can take many more factors into consideration than humans can when looking at potential threats, and it can do so in near real time.

UEBA is only one example of the possible applications of artificial intelligence in cybersecurity.

The same characteristics that make it an efficient tool for executing cyber attacks – scalability, versatility, and efficiency at processing large amounts of data in a short time – also make it effective for threat detection, threat response, and against insider threats. 

See how you can detect and stop an insider threat with LogRhythm CloudAI with UEBA.

Related stories:
DataRobot enhances enterprise AI platform
DataRobot offers free AI platform to help fight COVID-19
Why AIOps should be at the top of tech ‘to do’ lists
How our publisher harnessed machine learning to overhaul Techday websites
Alibaba Cloud connects medical pros around the world during COVID-19
Dataiku brings more power to data pros with latest release
Dig deeper:
Story image
Google Cloud says it's ready for the coming strain on infrastructure
The cloud giant says that they are working with governments and network operators around the world to minimise stress on the system.More
Story image
SailPoint Peer Insights Choice for identity management
SailPoint is the only vendor to receive the ‘Customers’ Choice’ distinction in the Identity Governance and Administration segment.More
Story image
Aus waste management company taps Vertel to deliver telco solution
"Using the PoC service provided by Ondacomms and Vertel, communication is now clearer between staff members."More
Story image
Google Cloud’s 2019 partner award winners
As Google Cloud continues to grow, here are the locally operating partners who are making strides with GCloud sales and services.More
Story image
IBM integrates Okta identity solutions to cloud offerings
“We’re excited to formalise the partnership to provide our joint customers with the technology to help secure their organisations.”More
Story image
ESET launches resource to protect remote workers during COVID-19
"If adequate security measures aren’t implemented on every device or network that connects to the corporate network, bad actors can go undetected."More
Story image
Google Cloud says it's ready for the coming strain on infrastructure
The cloud giant says that they are working with governments and network operators around the world to minimise stress on the system.More
Story image
SailPoint Peer Insights Choice for identity management
SailPoint is the only vendor to receive the ‘Customers’ Choice’ distinction in the Identity Governance and Administration segment.More
Story image
Aus waste management company taps Vertel to deliver telco solution
"Using the PoC service provided by Ondacomms and Vertel, communication is now clearer between staff members."More
Story image
Google Cloud’s 2019 partner award winners
As Google Cloud continues to grow, here are the locally operating partners who are making strides with GCloud sales and services.More
Story image
IBM integrates Okta identity solutions to cloud offerings
“We’re excited to formalise the partnership to provide our joint customers with the technology to help secure their organisations.”More
Story image
ESET launches resource to protect remote workers during COVID-19
"If adequate security measures aren’t implemented on every device or network that connects to the corporate network, bad actors can go undetected."More
Story image
Outsourcing as an opportunity to start your own business
Outsourcing provides a very good opportunity to start your business from scratch, especially if you have a team of like-minded people. More
Link image
Why secure remote access tools are more important and valuable than ever
Cyber attacks are ramping up as more people work from home and render themselves vulnerable. Here's why an effective remote access tool is absolutely essential to keep systems and users secure.More
Download image
Five ways to transform access and secure your enterprise
Improving security just a little bit more by adding multifactor authentication (MFA) can provide strong security as users access the mobile apps they need to stay connected and productive.More
Story image
HPE looks to advance 5G developments with vendor neutral offering
Hewlett Packard Enterprise (HPE) has added the Open Distributed Infrastructure Management (ODIM) initiative to its open 5G portfolio.More
Story image
BlackLine offers free finance and accounting services to help business get through COVID-19
BlackLine has made a number of its services complimentary as it looks at ways it can help accounting teams operate during the COVID-10 pandemic. More
Story image
Microsoft Azure virtual desktop solution ideal for remote working, Empired states
Businesses should be considering connectivity and physical equipment when it comes to remote working plans. A tool such as WVD can help, Empired states.More
Story image
Board International launches solution marketplace
Organisations are able to browse ready-made solutions built specifically for the Board decision-making platform, which complement customers’ existing Board solutions.More
Story image
InterSystems helps Aus laboratories in the fight against COVID-19
"InterSystems is proud to be helping SydPath, Austech Medical Laboratories, Goulburn Valley Health Pathology and other clinical laboratories, and we will continue making additional resources available to customers dealing with the pandemic.”More
Story image
Protecting remote workers amid COVID-19
Cybercrime is escalating amid the pandemic - how can businesses protect remote workers?More
Story image
Nutanix & Udacity launch hybrid cloud nanodegree program
Nutanix is sponsoring 5000 scholarships, to be taught via Udacity, which will school IT professionals on topics such as modern private cloud infrastructure and the design of hybrid application deployment.More
Story image
Acronis mobilises the home office in the remote working age
One of the biggest changes for Acronis, like many companies, is the transition that allows all employees to work from home.More
Story image
Myriota cements North America presence through exactEarth deal
Australian-based nanosatellite IoT connectivity firm Myriota has gained a stronger foothold in North America and Canada after signing a deal with satellite-AIS data services provider exactEarth.More
Story image
Ivanti launches automated assistants to empower IT teams
Ivanti has added new Ivanti Assistants to its portfolio of enterprise service management (ESM) solutions to bring endpoint self-healing capabilities to businesses.More
Story image
New solution shines light on Dark Web credential trading
The Kaseya-owned Spanning Cloud Apps has released software that monitors the Dark Web for compromised Office 365 credentials.More
Story image
Start-up advances online marketing, boosted by $5M in funding
"The development of a full self-service platform will give our clients an unprecedented level of insight and control over their SEM and SEO efforts, and will ultimately be an incredible game-changer for the industry."More
Story image
PMT Security launches body-temp scanning solution for enterprise, Seadan to distribute
"It was a no-brainer for us to choose our trusted partners Seadan. We engaged and took advice from them during the decision-making process to find the best UNV product to bring to market."More
Link image
How authentication can prevent data breaches
Learn more about the critical elements of any access decision.More
Link image
AvePoint Free Webinar: Maximise productivity using Microsoft Teams Template
As more workers turn to Microsoft Teams for remote productivity, learn how to leverage the Teams Template functionality when creating new Teams and how to provide unique provisioning, sharing and other settings for different departments.More
Link image
RSA offers cutting edge authentication software free
Secure authentication has never been more important now that remote working is the norm. Leverage biometrics, push notification and multi-factor authentication for free now.More
Story image
74% of CFOs want staff to work from home permanently - Gartner
The report revealed that 74% CFOs and finance leaders intend to move at least 5% of their previously on-site workforce to permanently remote positions post-COVID 19.More
Link image
Business continuity taking a hit? It doesn't have to
The rapid developments in a world with COVID-19 makes business continuity difficult. Connect your workforce remotely, securely and easily with Westcon-Comstor.More
IDC: 4Q19 picks up cloud infrastructure market
The 12.4% year-over-year growth in 4Q19 brought the full year into positive territory with annual growth of 2.1% and total spending of $66.8 billion.More
NGNY brings cloud services to Aboriginal businesses with iland
Ngakkan Nyaagu (NGNY) is partnering with iland to bring cloud infrastructure, backup and disaster recovery services to Australian-based businesses.More
Do not wait: Look at your IoT devices now
As millions of people become confined to their homes, the security of Internet of Things devices has never been so important.More
Frost & Sullivan delves deep into authentication
rost & Sullivan examines the considerations an organisation must take into account when formulating its authentication strategy. More
Nutanix drives further A/NZ expansion with new managing director
“We are witnessing a fundamental shift in the way corporate Australia and New Zealand does, and will do, business in the future."More
Ricoh debuts new range of A4 colour multi-function devices for the digital workplace
"Digital workplaces deploying the new Ricoh devices can scale their capabilities based on their latest needs, while also keeping security features and software completely up to date."More
Take advantage of free multi-factor authentication as you work remotely
Cybersecurity is shaping up to be one of the most important areas to consider while working from home. Leverage biometrics and password authentication for free with RSA.More
Windows & Linux server monitoring for just $9 a month
Monitor your entire server infrastructure and get in-depth visibility into key performance indicators of your data center's Windows & Linux servers.More
Survey reveals Australians' appetite for remote working
The survey quizzed 1,000 office-working Australians, as well as participants in France, Germany, Italy and the UK, and was completed between 23 and 26 March.More
Need better security now your workforce is remote? Get it for free
Remote working comes with all kinds of cybersecurity risks. Protect your business by leveraging multi-factor authentication, biometrics and push notification software for free.More
Australia's IT & software sector job market on the rise
The IT and software services sector is going through a recruitment boom, even though COVID-19 is causing a sharp decline in year-on-year hiring growth across all Australian industries.More
How small security teams can benefit from simple attack detection and response
When you have a small, expensive, generalist security team, it is an inefficient use of their time to be chasing down ghosts and false positives. More
Avoid employee underpayment woes with better planning and forecasting
Accurately paying people for the hours they work is only part of the issue. You also need to be able to plan for the future. More
How to defend cloud environments against insider threats
Let’s discuss the main types of insider threats facing businesses today and explain how to mitigate their risks through various technologies.More
Jamf announces same-day support for Apple's spring OS release
IT administrators who use the Jamf platform will be able to ensure uninterrupted management workflows whilst keeping operating systems across Apple TV, iPad, iPhone and Mac devices up to date.More
8x8 video conference usage up 1000%
The research found people are adopting video conferencing technology with "unprecedented velocity".More
NetFoundry offers new Azure integration to extend edge computing and 5G
In a bid to advance Internet of Things (IoT) edge computing and private 5G, NetFoundry has extended its integration with Microsoft Azure Edge Zones.More
UTS & Institute of Data announce scholarship program
But those who are finding themselves on reduced hours or out of work completely may be able to use that time to upskill.More
More stories