Why AI isn’t the perfect solution to solve the cyber security crisis

Wednesday 5th June 2019

For any organisation, the need for high-quality cyber security is a must to keep data, files and digital operations safe from the threat of hackers and attacks.

The concept of artificial intelligence (AI) and machine learning is one which is rising across a plethora of sectors and industries, and cyber security systems are now introducing this to improve the level of protection. 2019 looks set to be the year where AI comes to the forefront as the leading approach to cyber security.

Yet whilst AI can increase efficiencies and have higher levels of competency when providing the solutions to suspect activity, it’s also an effective tool for those attempting to hack and infiltrate our data. Essentially, we are entering an age where AI will need to fight AI.

The rising threat of hackers

In recent years, we’ve seen global organisations hit with huge breaches of data caused by hackers breaking through security systems and accessing confidential data.

Arguably the biggest, and most covered, case of cyber attacking last year was Cambridge Analytica and its harvesting of private information from over 50 million Facebook accounts. This data breach was used to try predict and influence voters’ decisions at the polls, and the amount of information obtained was described as being at unprecedented levels.

T-Mobile was also stung by hackers, with two million customers’ data being leaked, whilst British Airways suffered a similar fate with almost 400,000 individual customer accounts hacked. Universities across the UK have also become a target for the hackers, in attempts to steal unpublished research and gain access to confidential information.

Partnered with the ever-expanding boundaries of innovation, the threat of hackers will keep on growing, highlighting the need to improve cyber security systems to deter and combat any suspect activity.

An innovative move to advance security

Traditional cyber security is designed on signature-based systems, using a linear approach to detect patterns, anomalies and irregularities. Similar to automation, it tackles any potential issues or problems with an ‘if A happens, we will counteract this with B’ tactic – in short, it is devised to combat one particular issue with one particular solution.

However, with the introduction of AI, cyber security can take a different approach. It has the ability to continually learn, develop and grow through accessing more data, meaning the most efficient solution to a problem can be found, rather than just the programmed one. To go back to the original example, if A happens within an AI security system, B, C or D could potentially happen to provide the best outcome.

AI looks at the vulnerabilities of cyber security and looks to improve its protection quality, whilst working alongside the traditional security methods. Using huge data sets, AI systems can be trained to detect issues and recognise patterns to defend companies’ digital assets. Through using a dynamic approach, micro behaviours can be studied and developed to effectively encrypt systems.

Limitations and exploitations

Although AI looks to improve cyber security, it isn’t a forgone conclusion that adopting this innovation would solve all potential issues.

Firstly, it needs to be recognised that AI is not a standalone software that just teaches itself – it requires a large amount of data and computing power. The creation of huge data sets to support AI brings with it the need for research and resource for implementation, including the feeding and pawning of data – both of which are costly and time-consuming. There also needs to be an understanding of malicious and non-malicious data codes, to ensure the correct issues are being detected and rectified.

The Internet of Things (IoT) has become a problematic area when it comes to cyber security, as it increases the number of potential weak points in networks of devices.  That increased level of connectivity benefits those attempting to hack and attack systems.

AI has the ability to improve and increase speed, capabilities, opportunities and chances of success when it comes to breaching cyber security. The self-learning systems endeavour to increase knowledge, thus becoming better informed through every attempt and failure. Hackers will see through your AI cyber security by using AI themselves to spot and exploit any potential weaknesses.

Organisations keeping attackers at bay

But alongside cyber security and AI systems, businesses can implement internal actions to ensure the risk of cyber-attacks is significantly condensed.

Raising awareness is a key aspect of reducing the risk of potentially harmful activity. Organisations need to place more emphasis on educating workforces on cyber attacks and the threats brought with them, offering training on the best practices for spotting and reporting any signs.

Paying more attention and monitoring what is coming in and leaving the system is hugely important. Hackers will be looking to extract confidential data and implant potentially harmful files, so organisations must be vigilant on activity for both. The implementation of ingress and egress filtering systems can help ensure the data entering and leaving yours system is as expected.

Ensuring firewalls and malware software systems are regularly updated can help fix any potential bugs which hackers may be able to exploit and conducting checks on all hardware and software can assist in maintaining a healthy digital operation.

Having a road to recovery

There is no one way to solve this issue of hackers – companies will always remain prone to attacks. As we develop new ways to keep our data and systems protected, attackers will also find new methods of hacking into our systems. It’s a race between cyber security developers and hackers to find and fix (or take advantage of) the issue.

One piece of advice I give my clients is to make sure they have a recovery strategy in place. With the risk of a cyber-attack being prevalent in modern business, companies need to have a plan in case the worst happens, and their systems and data are infiltrated. Through having a recovery strategy, companies can efficiently fix issues, protect their systems and get them back on track. Having those processes in place are also useful in mitigating potential regulator fines.

The intelligence may be artificial, but the risks AI brings to our cyber security are real. The security arms race is happening right now, so cyber software needs to be evaluated and new products implemented and integrated into existing systems to meet desired objectives to battle the ever-growing presence of hackers.