Why machine learning is the future of security
Thursday, April 27, 2017
As attack volumes increase exponentially, has the time for machines to take some of the strain finally come?
Another month, another smattering of high profile breaches, another slew of passwords to reset - the numbers keep creeping up. But behind the big-hitting headlines that generalise for maximum effect, there are more interesting statistics to be had.
Although attacks on web applications account for only 8 per cent of overall reported incidents (whether they were successful or not), attacks on web applications accounted for over 40 per cent of incidents resulting in a data breach, and were the single-biggest source of data loss.
“These findings are a clear indication that web applications in many organizations are not just exposed, but are disproportionately vulnerable compared to other points of attack”, concluded a study by Verizon.
So what can enterprises do to plug this potentially serious hole in their security profile? Well, plenty, but there are pros and cons to many of the traditional solutions. Manual pen testing is resource intensive and therefore costly, and many organisations consequently pen test so rarely that the results become meaningless and unactionable. Fully automated testing is almost the mirror image - scalable and cost effective in theory, but it can generate such a volume of false positives that the real actionable data is obscured. Frost & Sullivan recently published a whitepaper illustrating this conundrum rather neatly.
The whitepaper concluded: “Web application security testing capacities with a fully automated technology or a human have their disadvantages and weaknesses. Therefore, it’s vital to combine automation and human intelligence. Machine learning technology can significantly reduce the amount of time humans spend on certain tasks and processes, reducing the overall cost and delivering greater value to organizations.”
Ilia Kolochenko, CEO of High-Tech Bridge, echoed the study findings: “Modern machine technologies, based on Artificial Neural Networks (ANN) for example, can significantly reduce human time and efforts to perform certain tasks, particularly in cybersecurity.”
He went on to warn against concluding that machine learning or AI represents a panacea: “However, such technologies are usually quite complicated to design, train and monitor to get relevant and continuously improving results. AI-based technologies can optimise many tasks and save resources, however they are not likely to replace human intelligence in the next ten years.”
High-Tech Bridge’s award-winning web security testing platform ImmuniWeb is based on its proprietary machine learning technology (Artificial Neural Networks) used for intelligent automation of vulnerability scanning and detection, and was recently recognized as a disruptive innovator in the application security testing market.
The global Application Security Testing (AST) market is estimated to grow from $2.24 billion in 2016 to $6.77 billion by 2021, at a CAGR of 24.8 per cent. However, the importance of machine learning and AI is not limited to web security testing principles; it extends to the whole cyber security industry.
This is certainly true of the anti-virus segment of the industry, where the old manual approach of identifying a strain of malware, then writing a signature and pushing it out to end clients in an update is rapidly (and some would argue has been for some time) becoming overwhelmed by a combination of outright volume and ingenious countermeasures from criminals.
Recent daily figures from some major vendors include Kaspersky Lab (323,000 new malicious programs), AV-TEST (390,000 new malicious programs), and Symantec, which claims to uncover almost a million new threats per day. However big the pinch of salt you take with these figures, that’s an awful lot of new malware every 24 hours. AV vendors have increasingly turned to AI-related tools to combat this tide, and new entrants have talked up the concept particularly energetically in the last 12 months.
“The entire cyber security industry, not just the web security testing segment, will rely on artificial intelligence to complement humans, and vice versa. It is a new, exciting era”, concluded Frost & Sullivan in the whitepaper. Maybe it is time your business looked at where machine learning can help - not just tomorrow, but also today?