<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>cyber security Archives - Artificial Intelligence</title>
	<atom:link href="https://www.aiuniverse.xyz/tag/cyber-security/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.aiuniverse.xyz/tag/cyber-security/</link>
	<description>Exploring the universe of Intelligence</description>
	<lastBuildDate>Fri, 16 Oct 2020 07:18:59 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>
	<item>
		<title>How can artificial intelligence help in the fight to remain secure?</title>
		<link>https://www.aiuniverse.xyz/how-can-artificial-intelligence-help-in-the-fight-to-remain-secure/</link>
					<comments>https://www.aiuniverse.xyz/how-can-artificial-intelligence-help-in-the-fight-to-remain-secure/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Fri, 16 Oct 2020 07:18:52 +0000</pubDate>
				<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[Artificial intelligence (AI)]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Machine learning]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Technology]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=12275</guid>

					<description><![CDATA[<p>Source: itpro.co.uk Artificial intelligence (AI) has gone from being science fiction to an increasingly common part of our lives. TV streaming services use AI and machine learning (ML) to make <a class="read-more-link" href="https://www.aiuniverse.xyz/how-can-artificial-intelligence-help-in-the-fight-to-remain-secure/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/how-can-artificial-intelligence-help-in-the-fight-to-remain-secure/">How can artificial intelligence help in the fight to remain secure?</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: itpro.co.uk</p>



<p class="wp-block-paragraph">Artificial intelligence (AI) has gone from being science fiction to an increasingly common part of our lives. TV streaming services use AI and machine learning (ML) to make recommendations of what you might like to watch next, for example, while other AI programmes can carry out rapid trading on the stock market without human intervention.</p>



<p class="wp-block-paragraph">The information security sector hasn’t been left untouched by this trend, either. Increasingly, an AI element in cyber security technology is seen less as a nice-to-have and more as an essential part of the package.</p>



<p class="wp-block-paragraph">“AI [has become] an expected feature within cyber security products and services,” says Jeff Pollard, Vice President &amp; Principal Analyst at Forrester. “It&#8217;s now not a distinguishing characteristic or, you know, something that&#8217;s outside of the norm, it&#8217;s fully expected to be in there.”</p>



<p class="wp-block-paragraph">It’s not just in defensive software that AI is playing a role, either. Microsoft has developed an AI-powered tool that can help developers spot bugs in their code with a claimed accuracy rate of 99%. In theory, this could eliminate a large portion of the software security flaws a malicious actor could exploit at the point of their creation.</p>



<h3 class="wp-block-heading">An unsleeping sentinel</h3>



<p class="wp-block-paragraph">For those on the front lines of cyber defenses, AI is fast becoming a game changer.</p>



<p class="wp-block-paragraph">Craig York, CTO at Milton Keynes University Hospitals NHS Trust, has found that AI is a vital tool in his cybersecurity arsenal. He cites the 2017 WannaCry crisis as a turning point for the IT community when it comes to security.</p>



<p class="wp-block-paragraph">“WannaCry made security a board-level discussion,” York tells&nbsp;<em>IT Pro</em>.</p>



<p class="wp-block-paragraph">It was at around this time that he was introduced to Darktrace, a company specialising in AI-enabled security software, by a colleague at West Suffolk NHS Foundation Trust, which was already a customer.</p>



<p class="wp-block-paragraph">“Humans can only do so much,” explains York. “We have three people in our cyber security team and while they’re very capable and very diligent, they&#8217;re human beings; they take breaks, they have a cup of tea. They need lunch, and they go home at the end of the working day.</p>



<p class="wp-block-paragraph">“Having the latest and greatest patches doesn&#8217;t necessarily defend against everything that&#8217;s out there at the moment. And, if anything, some of our cybersecurity attacks are coming from other parts of the world that are doing business, effectively, when we aren&#8217;t at the hospital.”</p>



<p class="wp-block-paragraph">He says that it’s in this area of cyber defence that AI comes into its own.</p>



<p class="wp-block-paragraph">“We need security technologies that are going to provide a safer hospital. 24 hours a day. 365 days a year, at weekends and bank holidays. The AI technology that we use from Darktrace provides some level of that – it never sleeps, so if the AI thinks that something is happening on the network that shouldn&#8217;t. It can take action straightaway.”</p>



<p class="wp-block-paragraph">While AI is starting to inhabit a critical role in cyber security, particularly as IT departments and organisations as a whole adapt to the hyper-accelerated digital transformation brought about by the COVID-19 pandemic, it pays for IT leaders to think carefully about what problems they need to solve, rather than plumbing for anything labelled AI.</p>



<p class="wp-block-paragraph">“The problem most cyber security vendors have is that it is just that it&#8217;s a buzzword, they can&#8217;t actually explain what they&#8217;re doing with AI – or machine learning for that matter,” cautions Pollard.</p>



<p class="wp-block-paragraph">He explains that while “there are definitely use cases for AI within cyber security”, it’s not something that can – or should – be applied to everything.&nbsp;</p>



<p class="wp-block-paragraph">“The most productive and proven use cases for AI in cyber security are really on the detection side,” he says. “So being able to help identify, you know, malware-associated clustering of activity and behaviour. That’s really an area where it landed and it made a lot of sense.</p>



<p class="wp-block-paragraph">“What we haven&#8217;t seen yet is AI expanded beyond that to more differentiated use cases, or use cases that are not just based on identifying bad things.”</p>



<h3 class="wp-block-heading">Turning the tables</h3>



<p class="wp-block-paragraph">It’s often argued, especially by those in the tech industry, that technology is neutral. Being passive and unable to act of its own accord, it’s how it is used that is good or bad, rather than the tool itself. In this, AI is no exception.</p>



<p class="wp-block-paragraph">While it’s become a key component of organisations’ cyber defence strategy, hackers and other malicious actors are also starting to use AI to craft better attacks. One example is pulling together a convincing spear-phishing email, as it’s able to research more thoroughly and more rapidly than humans. Dr Roman Yampolskiy, an associate professor at the University of Louisville, Kentucky, in the department of Computer Engineering and Computer Science and director of the university’s Cybersecurity Laboratory, has claimed the quality of such emails would be so high that “even cybersecurity experts will fall for them”.</p>



<p class="wp-block-paragraph">“AI is dual use technology used by both attackers and defenders,” he tells&nbsp;<em>IT Pro</em>. “In recent years AI has become capable of finding novel exploits.”</p>



<p class="wp-block-paragraph">And while others point to streamlining operations in security departments, Yampolskiy sees another long term possibility: “Like in all other fields AI will eventually fully automate all aspects of the job. Given that both attackers and defenders use AI, it will become an arms race between their AIs.”</p>



<p class="wp-block-paragraph">For now, though, it’s fair to say that while organisations should be realistic in their expectations of what AI can do, incorporating it into your cyber defences is quickly becoming best practice.</p>
<p>The post <a href="https://www.aiuniverse.xyz/how-can-artificial-intelligence-help-in-the-fight-to-remain-secure/">How can artificial intelligence help in the fight to remain secure?</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/how-can-artificial-intelligence-help-in-the-fight-to-remain-secure/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Lifting the cyber security of the Internet of Things: voluntary Code of Practice</title>
		<link>https://www.aiuniverse.xyz/lifting-the-cyber-security-of-the-internet-of-things-voluntary-code-of-practice/</link>
					<comments>https://www.aiuniverse.xyz/lifting-the-cyber-security-of-the-internet-of-things-voluntary-code-of-practice/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Fri, 04 Sep 2020 07:41:32 +0000</pubDate>
				<category><![CDATA[Internet of things]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[cybercriminals]]></category>
		<category><![CDATA[government]]></category>
		<category><![CDATA[Internet of Things]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=11367</guid>

					<description><![CDATA[<p>Source: minister.defence.gov.au The Morrison Government has today released a voluntary Code of Practice to improve the security of the Internet of Things (IoT) in Australia – including <a class="read-more-link" href="https://www.aiuniverse.xyz/lifting-the-cyber-security-of-the-internet-of-things-voluntary-code-of-practice/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/lifting-the-cyber-security-of-the-internet-of-things-voluntary-code-of-practice/">Lifting the cyber security of the Internet of Things: voluntary Code of Practice</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: minister.defence.gov.au</p>



<p class="wp-block-paragraph">The Morrison Government has today released a voluntary Code of Practice to improve the security of the Internet of Things (IoT) in Australia – including everyday devices such as smart fridges, smart televisions, baby monitors and security cameras.</p>



<p class="wp-block-paragraph">Minister for Home Affairs Peter Dutton said cyber security has never been more important to Australia’s economic prosperity.</p>



<p class="wp-block-paragraph">“Internet-connected devices are increasingly part of Australian homes and businesses and many of these devices have poor security features that expose owners to compromise,” Mr Dutton said.</p>



<p class="wp-block-paragraph">“Manufacturers should be developing these devices with security built in by design.</p>



<p class="wp-block-paragraph">“Australians should be considering security features when purchasing these devices to protect themselves against unsolicited access by cybercriminals.”</p>



<p class="wp-block-paragraph">Minister for Defence Senator the Hon Linda Reynolds CSC said the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has today also released quick and easy tips to help Australian consumers protect themselves against cyber threats when buying and using internet-connected devices.</p>



<p class="wp-block-paragraph">“Boosting the security and integrity of internet connected devices is critical to ensuring that the benefits and conveniences they provide can be enjoyed without falling victim to cybercriminals,” Minister Reynolds said.</p>



<p class="wp-block-paragraph">When purchasing and setting up an IoT device, some of the questions families and businesses should ask are:</p>



<ol class="wp-block-list"><li>Is the device made by a well-known reputable company and sold by a well-known reputable company?</li><li>Is it possible to change the password?</li><li>Does the manufacturer provide updates?</li><li>What data will the device collect and who will the data be shared with?</li></ol>



<p class="wp-block-paragraph">The ACSC has also produced guidance for manufacturers on how to implement the loT Code of Practice.</p>



<p class="wp-block-paragraph">The Code of Practice is a key deliverable as part of the 2020 Cyber Security Strategy and has been developed in close partnership with industry following nation-wide consultation earlier this year. It outlines the cyber security features the Government expects of internet-connected devices available in Australia.</p>



<p class="wp-block-paragraph">The Code of Practice also aligns and builds upon guidance provided by the United Kingdom, and is consistent with other international standards.</p>



<p class="wp-block-paragraph">The Australian Government will continue to explore further initiatives for lifting the security of the Internet of Things and making Australia the safest place to connect online.</p>
<p>The post <a href="https://www.aiuniverse.xyz/lifting-the-cyber-security-of-the-internet-of-things-voluntary-code-of-practice/">Lifting the cyber security of the Internet of Things: voluntary Code of Practice</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/lifting-the-cyber-security-of-the-internet-of-things-voluntary-code-of-practice/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>New Graduate Programs in Data Science and Artificial Intelligence Power Professional Success</title>
		<link>https://www.aiuniverse.xyz/new-graduate-programs-in-data-science-and-artificial-intelligence-power-professional-success/</link>
					<comments>https://www.aiuniverse.xyz/new-graduate-programs-in-data-science-and-artificial-intelligence-power-professional-success/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Thu, 13 Aug 2020 06:57:17 +0000</pubDate>
				<category><![CDATA[Data Science]]></category>
		<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[COVID-19]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[data science]]></category>
		<category><![CDATA[Future]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=10855</guid>

					<description><![CDATA[<p>Source: sandiego.edu New graduate engineering programs in applied data science and applied artificial intelligence are attracting strong interest from professionals looking to expand their skills during the <a class="read-more-link" href="https://www.aiuniverse.xyz/new-graduate-programs-in-data-science-and-artificial-intelligence-power-professional-success/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/new-graduate-programs-in-data-science-and-artificial-intelligence-power-professional-success/">New Graduate Programs in Data Science and Artificial Intelligence Power Professional Success</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: sandiego.edu</p>



<p class="wp-block-paragraph">New graduate engineering programs in applied data science and applied artificial intelligence are attracting strong interest from professionals looking to expand their skills during the COVID-19 pandemic.</p>



<p class="wp-block-paragraph">&#8220;We have seen a tremendous amount of interest in our&nbsp;online master&#8217;s degree programs in the last few months, both in terms of enrollments and consideration for future&nbsp;term starts,” said Shiley-Marcos School of Engineering Dean Chell Roberts.</p>



<p class="wp-block-paragraph">“The pandemic has sent working people all over the world into tailspins in their professions, but the response we&#8217;ve seen in applicants pursuing online master&#8217;s degrees during this time is indicative of their focus of turning their current&nbsp;disadvantaged situations into positive ones in&nbsp;the future,” he added.</p>



<p class="wp-block-paragraph">“In particular, our new&nbsp;MS in&nbsp;Applied Data Science and&nbsp;MS in&nbsp;Applied Artificial Intelligence programs&nbsp;through USD’s Shiley-Marcos School of Engineering&nbsp;have a special appeal given the high labor demand in the fields of data science and artificial intelligence.”</p>



<p class="wp-block-paragraph">The first cohort of the Applied Data Science program, for example, is expected to have nearly 40 students when it begins in the Fall of 2020.</p>



<p class="wp-block-paragraph">&#8220;The Masters&#8217; programs offered by USD’s Shiley Marcos School of Engineering are differentiated in two principal ways,” explained Associate Dean of Graduate Programs Venkat Shastri. “First, they have been designed in close collaboration&nbsp;with senior professionals from the industry who have deep technical knowledge and often serve as hiring managers in global companies. Further, courses are taught by Professors of Practice with significant experience in the application of complex theoretical and computational tools to real world problems.”</p>



<p class="wp-block-paragraph">Both the Applied Data Sciences and Applied Artificial Intelligence programs are offered in partnership with USD’s Division of Professional and Continuing Education and are designed to be completed in 20 months over five semesters. USD also continues to offer a master’s degree In CyberSecurity Engineering. The Shiley-Marcos School of Engineering is also working with the School of Business on an online program in innovation, technology and entrepreneurship.</p>



<p class="wp-block-paragraph">“With a growing need for qualified engineers in Cyber Security, Applied Data Science and Applied Artificial Intelligence, graduates from these programs will not only be highly sought after but also have the foundational skills to become the Changemakers of tomorrow,” Shastri said.</p>
<p>The post <a href="https://www.aiuniverse.xyz/new-graduate-programs-in-data-science-and-artificial-intelligence-power-professional-success/">New Graduate Programs in Data Science and Artificial Intelligence Power Professional Success</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/new-graduate-programs-in-data-science-and-artificial-intelligence-power-professional-success/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Internet of Things devices: Stick to these security rules or you could face a ban</title>
		<link>https://www.aiuniverse.xyz/internet-of-things-devices-stick-to-these-security-rules-or-you-could-face-a-ban/</link>
					<comments>https://www.aiuniverse.xyz/internet-of-things-devices-stick-to-these-security-rules-or-you-could-face-a-ban/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Mon, 20 Jul 2020 05:26:51 +0000</pubDate>
				<category><![CDATA[Internet of things]]></category>
		<category><![CDATA[could]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Internet of Things]]></category>
		<category><![CDATA[Technology]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=10301</guid>

					<description><![CDATA[<p>Source: zdnet.com Insecure&#160;Internet of Things devices&#160;and other connected products could be banned if they fail to meet basic security standards to be used in homes and businesses. <a class="read-more-link" href="https://www.aiuniverse.xyz/internet-of-things-devices-stick-to-these-security-rules-or-you-could-face-a-ban/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/internet-of-things-devices-stick-to-these-security-rules-or-you-could-face-a-ban/">Internet of Things devices: Stick to these security rules or you could face a ban</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: zdnet.com</p>



<p class="wp-block-paragraph">Insecure&nbsp;Internet of Things devices&nbsp;and other connected products could be banned if they fail to meet basic security standards to be used in homes and businesses.</p>



<p class="wp-block-paragraph">Proposals from the Department for Culture, Media and Sport (DCMS) and the National Cyber Security Centre (NCSC) have set out three standards that manufacturers will have to follow if their smart devices are to be sold in the UK – and potential punishments if the standards aren&#8217;t met.</p>



<p class="wp-block-paragraph">The&nbsp;proposed rules&nbsp;are relatively modest in scope. They would require that device passwords must be unique and not re-settable to any universal factory setting, that manufacturers must provide a public point of contact so anyone can report a vulnerability, and that makers must state the minimum length of time that the device will receive security updates.</p>



<p class="wp-block-paragraph">The NCSC is also looking for feedback from product manufacturers on the proposed legislation in order to ensure that they can be helped to make IoT devices as secure as possible.</p>



<p class="wp-block-paragraph">&#8220;People are at risk because fundamental security flaws in their connected devices are often not fixed – and manufacturers need to take this seriously,&#8221; said Dr Ian Levy, technical director at the NCSC.</p>



<p class="wp-block-paragraph">&#8220;We would encourage all consumer device manufacturers to make their views heard and help us ensure the technology people bring into their homes is as safe and secure as possible.&#8221;</p>



<p class="wp-block-paragraph">The government is also seeking suggestions on the sanctions required. For example, one option is that devices that don&#8217;t meet the security requirements could be temporarily or even permanently banned from being sold in the UK. Products deemed to be insecure could also be issued with recall notices, requiring manufacturers and retailers to organise the return of devices.</p>



<p class="wp-block-paragraph">It&#8217;s even possible that manufacturers who are deemed to have sold insecure devices that put consumers and businesses at risk could have the products confiscated and destroyed, and even find themselves issued with a financial penalty.</p>



<p class="wp-block-paragraph">The aim of the proposals is to help protect UK citizens and businesses&nbsp;from the threats posed by cyber criminals increasingly targeting Internet of Things&nbsp;devices. IoT devices can be a weak point into home and corporate networks, providing cyber criminals with a backdoor into targets, as well as the ability to rope in IoT devices to conduct DDoS attacks.</p>



<p class="wp-block-paragraph">&#8220;Internet of Things products are quickly growing in popularity but most people still do not realise the dangers to personal data from smart products that are insecure,&#8221; said Graham Wynn, assistant director of the British Retail Consortium.</p>



<p class="wp-block-paragraph">&#8220;We welcome practical proposals from the government based on the three rigorous requirements to ensure that consumers&#8217; safety and privacy are protected,&#8221; he added.</p>



<p class="wp-block-paragraph">The proposed rules were&nbsp;previously detailed as potential legislation earlier this year, with the latest announcement moving another step forward to becoming law.</p>



<p class="wp-block-paragraph">The UK isn&#8217;t alone in attempting to secure Internet of Things devices – ENISA, the European Union&#8217;s cybersecurity agency,&nbsp;is also working towards legislation&nbsp;in this area, while&nbsp;the US government is also looking to regulate IoT in an effort to protect against cyberattacks.</p>
<p>The post <a href="https://www.aiuniverse.xyz/internet-of-things-devices-stick-to-these-security-rules-or-you-could-face-a-ban/">Internet of Things devices: Stick to these security rules or you could face a ban</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/internet-of-things-devices-stick-to-these-security-rules-or-you-could-face-a-ban/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Security Think Tank: AI in cyber needs complex cost/benefit analysis</title>
		<link>https://www.aiuniverse.xyz/security-think-tank-ai-in-cyber-needs-complex-cost-benefit-analysis/</link>
					<comments>https://www.aiuniverse.xyz/security-think-tank-ai-in-cyber-needs-complex-cost-benefit-analysis/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Wed, 15 Jul 2020 06:25:11 +0000</pubDate>
				<category><![CDATA[Machine Learning]]></category>
		<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[Automation]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Machine learning]]></category>
		<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=10190</guid>

					<description><![CDATA[<p>Source: computerweekly.com The importance of automation is not being overestimated, but the capacity of machine learning (ML) and other forms of artificial intelligence (AI) applications to achieve trustworthiness in <a class="read-more-link" href="https://www.aiuniverse.xyz/security-think-tank-ai-in-cyber-needs-complex-cost-benefit-analysis/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/security-think-tank-ai-in-cyber-needs-complex-cost-benefit-analysis/">Security Think Tank: AI in cyber needs complex cost/benefit analysis</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: computerweekly.com</p>



<p class="wp-block-paragraph">The importance of automation is not being overestimated, but the capacity of machine learning (ML) and other forms of artificial intelligence (AI) applications to achieve trustworthiness in automation is. To succeed with AI for automated cyber security, we need to let go of the unrealistic goal of trustworthiness. Use it, but don’t trust it.</p>



<p class="wp-block-paragraph">The volume of data which could indicate an attack or be lost as a result of an attack requires a level of surveillance that is beyond what a team of human cyber security experts could achieve. The very definition of threat and anomaly detection (TAD) is a recipe for automation: finding outliers in a dataset, a repetitive task to identify patterns.</p>



<p class="wp-block-paragraph">There are clear advantages to using AI to automate certain cyber security tasks. Identification of these patterns can contribute to building predictive models to identify attacks before they occur or to provide decision support while an attack is underway.</p>



<p class="wp-block-paragraph">These AI applications usually that glean their insights from unsupervised learning for model development or neural networks, yielding very promising outcomes. However, they lack the ability to provide transparent explanations for individual decisions.</p>



<h3 class="wp-block-heading">AI in cyber security has two main drawbacks</h3>



<p class="wp-block-paragraph">Automation brings its own controversy to cyber security. The way we justify automation inherently requires trust. If the goal is to free up valuable human capacity from repetitive, time-consuming tasks, we fundamentally want to remove humans from those tasks, meaning that we must trust the system to produce as good or better results than if our team were responsible.</p>



<p class="wp-block-paragraph">There is a baseline assumption that when we automate, it is because we trust the system to complete the task satisfactorily. Many of the benefits of automation in cyber security come from AI applications, which are chronically incapable of invoking trust.</p>



<p class="wp-block-paragraph">Using AI applications for a predictive and automated cyber security stance bring two major challenges to achieving trust in the company and for the stakeholders being safeguarded.</p>



<p class="wp-block-paragraph">First, many of these predictive cyber security implementations rely on unsupervised learning techniques or neural networks which are currently unable to produce human-readable, localised explanations.</p>



<p class="wp-block-paragraph">Second, these applications also increase a company’s attack vectors by presenting new vulnerabilities that hackers may exploit. Attacks on AI applications take a different form than traditional attacks. Instead of stealing a payload, attacks on AI applications attempt to change or influence the AI application’s behaviour to the hacker’s advantage. Despite efforts to develop retrospectively applied explanation models with some success, it is currently impossible to establish a high level of trust when using AI for automated cyber security tactics.</p>



<h3 class="wp-block-heading">AI in cyber security comes at a cost</h3>



<p class="wp-block-paragraph">These two aspects – the perfect fit that AI is for many cyber security tasks, and the current inability of trusting unfamiliar technologies in an unfamiliar landscape – mean that we cannot manage AI when trust remains in the equation. We need a different management strategy for AI, especially for cyber security. We need to monitor, benchmark, assess, and improve these systems constantly, not trust them.</p>



<p class="wp-block-paragraph">Because we are not yet at a place where we can reliably trust our AI cyber security tools to provide explanations or not to be influenced by backdoor attacks or data poisoning, we must remain suspicious of the framework that was used to train the model including input data, the results it produces, and our measurements of success.</p>



<p class="wp-block-paragraph">This means that there must be other safeguards in place to monitor our newest AI applications in the security operations centre (SOC). One option out of many is to implement parallel dynamic monitoring of an AI system by launching a clone system in a controlled environment as a means of benchmarking the real system’s performance against one that is protected from model drift and some types of malicious attacks.</p>



<p class="wp-block-paragraph">The fact that there is a growing number of&nbsp; options for monitoring systems is promising, but just as the significant progress that has been made in developing explainable models still does not fill all the gaps to provide bulletproof trust, the monitoring strategy we employ to protect our AI applications will still have security and trust gaps. The real cost of using AI must also reflect the cost of monitoring and protecting it.</p>



<h3 class="wp-block-heading">No AI system can be trusted</h3>



<p class="wp-block-paragraph">Our issue is not that some AI systems can be trusted and others not (as some people accessing a system can be trusted and others not), our issue is that no AI system can be trusted nor can it provide adequate means of verifying that it can be trusted, even if it produces satisfactory results.</p>



<p class="wp-block-paragraph">This applies to the relatively straightforward classification tasks because of their sheer volume; it would take far too many resources to verify each decision. It also applies to the more challenging problem of establishing trust in unsupervised and deep learning models because as discussed, there are only limited options to provide an explanation.</p>



<p class="wp-block-paragraph">So in the end, we’re left with the unsatisfying situation of having huge potential for AI in cyber security, limited current means to cultivate trust in those AI applications, and possibly high costs to develop and implement comprehensive monitoring processes to operate without trust. While there is undoubtedly potential in automated AI-based applications in cyber security, the question we are left with is at what cost are we willing to tap that potential.</p>



<p class="wp-block-paragraph">We recommend that if a company decides to incorporate intelligent automated security features, they must allocate time and resources for lifecycle governance of that feature. This could be done in a variety of ways, such as by setting up an interdisciplinary team, by designating a team member to receive training to stay up-to-date on developments and challenges surrounding AI explainability, or by participating in the public efforts to develop governance frameworks and eventually regulation.</p>



<p class="wp-block-paragraph">These, of course, are only a few of many options to improve the measurement and assessment of AI applications, and should be chosen according to a firm’s commitment to using AI.</p>



<p class="wp-block-paragraph">For example, if a company is developing an AI system in-house, then there should be adequate expertise on their team to set up a sub-team to critically assess how the system is monitored.</p>



<p class="wp-block-paragraph">But if a firm is implementing a pre-built AI cyber security application, it may be more appropriate to give extended training to one or two employees. Building scepticism into the monitoring and governance process can allow companies to use artificial intelligence in cyber security without trusting it.</p>
<p>The post <a href="https://www.aiuniverse.xyz/security-think-tank-ai-in-cyber-needs-complex-cost-benefit-analysis/">Security Think Tank: AI in cyber needs complex cost/benefit analysis</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/security-think-tank-ai-in-cyber-needs-complex-cost-benefit-analysis/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Security Think Tank: Artificial intelligence will be no silver bullet for security</title>
		<link>https://www.aiuniverse.xyz/security-think-tank-artificial-intelligence-will-be-no-silver-bullet-for-security/</link>
					<comments>https://www.aiuniverse.xyz/security-think-tank-artificial-intelligence-will-be-no-silver-bullet-for-security/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Sat, 04 Jul 2020 09:21:34 +0000</pubDate>
				<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[Automation]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=9996</guid>

					<description><![CDATA[<p>Source: computerweekly.com Undoubtedly, artificial intelligence (AI) is able to support organisations in tackling their threat landscape and the widening of vulnerabilities as criminals have become more sophisticated. However, AI <a class="read-more-link" href="https://www.aiuniverse.xyz/security-think-tank-artificial-intelligence-will-be-no-silver-bullet-for-security/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/security-think-tank-artificial-intelligence-will-be-no-silver-bullet-for-security/">Security Think Tank: Artificial intelligence will be no silver bullet for security</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: computerweekly.com</p>



<p class="wp-block-paragraph">Undoubtedly, artificial intelligence (AI) is able to support organisations in tackling their threat landscape and the widening of vulnerabilities as criminals have become more sophisticated. However, AI is no silver bullet when it comes to protecting assets and organisations should be thinking about cyber augmentation, rather than just the automation of cyber security alone.</p>



<p class="wp-block-paragraph">Areas where AI can currently be deployed include the training of a system to identify even the smallest behaviours of ransomware and malware attacks before it enters the system and then isolate them from that system.</p>



<p class="wp-block-paragraph">Other examples include automated phishing and data theft detection which are extremely helpful as they involve a real-time response. Context-aware behavioural analytics are also interesting, offering the possibility to immediately spot a change in user behaviour which could signal an attack.</p>



<p class="wp-block-paragraph">The above are all examples of where machine learning and AI can be useful. However, over-reliance and false assurance could present another problem: As AI improves at safeguarding assets, so too does it improve attacking them. As cutting-edge technologies are applied to improve security, cyber criminals are using the same innovations to get an edge over these defences.</p>



<p class="wp-block-paragraph">Typical attacks can involve the gathering of information about a system or sabotaging an AI system by flooding it with requests.</p>



<p class="wp-block-paragraph">Elsewhere, so-called deepfakes are proving a relatively new area of fraud that poses unprecedented challenges. We already know that cyber criminals can litter the web with fakes that can be almost impossible to distinguish real news from fake.</p>



<p class="wp-block-paragraph">The consequences are such that many legislators and regulators are contemplating the establishment of rule and law to govern this phenomenon. For organisations, this means that deepfakes could lead to much more complex phishing in future, targeting employees by mimicking corporate writing styles or even individual writing style.</p>



<p class="wp-block-paragraph">In a nutshell, AI can augment cyber security so long as organisations know its limitations and have a clear strategy focusing on the present while constantly looking at the evolving threat landscape.</p>
<p>The post <a href="https://www.aiuniverse.xyz/security-think-tank-artificial-intelligence-will-be-no-silver-bullet-for-security/">Security Think Tank: Artificial intelligence will be no silver bullet for security</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/security-think-tank-artificial-intelligence-will-be-no-silver-bullet-for-security/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Data Protection Bill is vague and intrusive</title>
		<link>https://www.aiuniverse.xyz/data-protection-bill-is-vague-and-intrusive/</link>
					<comments>https://www.aiuniverse.xyz/data-protection-bill-is-vague-and-intrusive/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Mon, 16 Mar 2020 05:47:31 +0000</pubDate>
				<category><![CDATA[Big Data]]></category>
		<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[Big data]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[data protection]]></category>
		<category><![CDATA[Technologies]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=7445</guid>

					<description><![CDATA[<p>Source: thehindubusinessline.com The Personal Data Protection (PDP) Bill, 2019 introduces significant new requirements and challenges for legal and compliance functions. This entails changes to the ways in <a class="read-more-link" href="https://www.aiuniverse.xyz/data-protection-bill-is-vague-and-intrusive/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/data-protection-bill-is-vague-and-intrusive/">Data Protection Bill is vague and intrusive</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: thehindubusinessline.com</p>



<p class="wp-block-paragraph">The Personal Data Protection (PDP) Bill, 2019 introduces significant new requirements and challenges for legal and compliance functions. This entails changes to the ways in which technologies are designed and managed, including focus on search, storage and security of data. The PDP framework needs to stand test of time in the era of artificial intelligence, machine learning, robotic process automation (RPA), Big Data and the Internet of Things, as well as gadgets like Alexa and the Google Assistant, which are evolving at higher speed and posing many challenges in addressing data protection and privacy.</p>



<p class="wp-block-paragraph">The Joint Select Committee of Parliament, which is examining the PDP Bill, faces a complex and multifaceted challenge. A number of transformations are at the core of current digital transformation: the blurring of distinction between reality and the virtual world; of a distinction between human, machine and nature; the issue of information abundance; a shift from standalone IT assets to networked assets; and of data and information processing from centralised hardware architecture to distributed-software designed architectures. The size of data in 2022 is to be about 40 times than that of 2020.</p>



<p class="wp-block-paragraph">The PDP Bill, therefore, needs to be considered keeping in view such transformations in the backdrop, along with key objectives such as promotion of the digital economy, innovation and protection of citizen and consumer interest — with a focus on data privacy — and of the state and public interests.</p>



<p class="wp-block-paragraph">The interests of the tech and commercial entities need to be balanced with that of the public and state, given reliance of the latter on such entities.</p>



<p class="wp-block-paragraph">The current PDP Bill must meet such objectives for at least the next five years. The Bill, however, creates a ‘monopoly’, wherein all of the data, personal and non-personal, will be under the purview of the state and its agencies. The Bill does propose to provide checks and balances, albeit in only one or two cases, through rules and regulations. Nevertheless, its important to not only provide robust checks and balances for accessing the data, but also for lawmakers and citizens to know the principles behind them while formulating the law. The lawmakers, at least, would need to be satisfied by the proposals.</p>



<h2 class="wp-block-heading">Defining personal data</h2>



<p class="wp-block-paragraph">Discussions have been intensely taking place in the country on expanding the scope of the PDP Bill; in particular, the definitions of ‘personal data’ and ‘non-personal data’. Many such discussions are critical to the broadening of the concept of personal data, and the inclusion of non-personal data. Given the technological advancements and the large amount of data available for analysis, absolute and irreversible anonymity may no longer be possible. All data in the near future will either be or will contain personal data, leading to the application of ‘data privacy and protection’ to just about everything. The data-analysis technology is rapidly moving towards perfect identification. Any information is likely to relate to a person.</p>



<p class="wp-block-paragraph">A more principle-based holistic approach may thus be needed with regard to personal and non-personal data, because of the difficulties in distinguishing between the two.</p>



<p class="wp-block-paragraph">The concept of personal data as in the PDP Bill is also likely to raise considerable legal uncertainty. According to Clause 3 (28), this concept covers data about or relating to a ‘natural person’, who can be identified either directly or indirectly. The problem here is that identifiability may only result from additional information or data available to and from the data fiduciary. This, as such, prevents anonymisation.</p>



<p class="wp-block-paragraph">It will thus be necessary, in light of technological innovation, to consider applying the law uniformly to all kinds of personal and non-personal data. The other solution would be a clear separation of personal and non-personal data. In fact, the latter data could be limited to machine-generated data, and be aimed to implement an efficient market-oriented non-personal data law.</p>



<p class="wp-block-paragraph">The pros and cons of Clause 91 of the Bill have also not been debated before its inclusion. It basically allows the government to ask companies for non-personal and anonymised personal data.</p>



<h2 class="wp-block-heading">Tech-related aspects</h2>



<p class="wp-block-paragraph">There are certain provisions relating to social media as well. Such provisions should be included in the Information Technology Act, rather than the PDP Bill. In this hyper-connected world, can data localisation be possible, particularly where data is hosted, posted, updated and accessed using public networks in a decentralised environment? Only data that is hosted, posted and accessed on a captive private network can be localised.</p>



<p class="wp-block-paragraph">It would be necessary to study the European Union’s GDPR (with which the PDP Bill bears many similarities) and other international frameworks, and align the provisions relating to cross-border flow of data while addressing Indian environment, culture and sovereignty of the country. Ultimately, country has to get its data protection and privacy framework recognised with other jurisdictions in the world, keeping in mind the larger interest of commerce, trade and manufacturing. The pitfalls of the GDPR also need to be taken into account.</p>



<p class="wp-block-paragraph">The PDP Bill is expected to reshape the hierarchical structure of both public and private sectors, which would include the state, too. The state must have assessed this and may be ready for addressing implications of such reshaping, including standards for anonymisation, de-identification and filtering of non-personal data from the composite data set.</p>



<p class="wp-block-paragraph">It must be noted that while creating and saving the numerous documents and data which may help in the compliance and verification needs of the PDP framework, “Big Data” and AI/ML will be present and applied. The very concept of Big Data, however, is in clash with that of data minimisation, an underlying concept in the PDP Bill.</p>



<p class="wp-block-paragraph">It is, therefore, important to lay out a proper system of modern law for the digital economy that also integrates the perspective of privacy-based data protection, which may drive efficient market regulations. At the same time, all the stakeholders be made accountable and responsible while recognising their roles and functions.</p>



<p class="wp-block-paragraph">The framework thus needs to be more modular, and may be expanded as we learn from experience and technological innovations. Care needs to be taken, that the PDP Bill does not become “the law of everything”.</p>



<p class="wp-block-paragraph">Taneja is a lawyer with Karanjawala &amp; Co. Rai is former National Cyber Security Coordinator, Government of India.</p>
<p>The post <a href="https://www.aiuniverse.xyz/data-protection-bill-is-vague-and-intrusive/">Data Protection Bill is vague and intrusive</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/data-protection-bill-is-vague-and-intrusive/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>ADOPTING AN INTELLIGENCE-DRIVEN APPROACH FOR CYBER SECURITY</title>
		<link>https://www.aiuniverse.xyz/adopting-an-intelligence-driven-approach-for-cyber-security/</link>
					<comments>https://www.aiuniverse.xyz/adopting-an-intelligence-driven-approach-for-cyber-security/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Mon, 24 Feb 2020 07:23:04 +0000</pubDate>
				<category><![CDATA[Human Intelligence]]></category>
		<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Development]]></category>
		<category><![CDATA[Technology]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=6991</guid>

					<description><![CDATA[<p>Source: analyticsinsight.net Different business and technology developments bring about increased levels of cyber risks. The continued adoption of web, mobile, cloud, and social media technologies have opened new <a class="read-more-link" href="https://www.aiuniverse.xyz/adopting-an-intelligence-driven-approach-for-cyber-security/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/adopting-an-intelligence-driven-approach-for-cyber-security/">ADOPTING AN INTELLIGENCE-DRIVEN APPROACH FOR CYBER SECURITY</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: analyticsinsight.net</p>



<p class="wp-block-paragraph">Different business and technology developments bring about increased levels of cyber risks. The continued adoption of web, mobile, cloud, and social media technologies have opened new open doors for attackers. Also, floods of outsourcing, offshoring, and third-party contracting have additionally weakened hierarchical authority over data systems. These trends have brought about a boundaryless environment with a lot more extensive attack surface.</p>



<p class="wp-block-paragraph">Risk entertainers deploy a wide array of attack methods to remain one step stage in front of their exploited people. What’s more, groups of criminals and country states are consolidating infiltration procedures in their campaigns while utilizing malicious insiders in targeted organizations. As reported in a 2012 Deloitte survey of worldwide financial services executives, numerous financial services organizations are struggling to accomplish a level of cyber risk maturity expected to counter these evolving threats.</p>



<p class="wp-block-paragraph">What security experts experiencing alert fatigue need is threat intelligence that has just been vetted and contextualized by individuals. Big data and AI tools give a plenitude of data and they can distinguish occasions and activities of concern, yet most security experts within an enterprise have neither the training nor an opportunity to comprehend the raw data. They need threat intelligence that has just been filtered, analyzed and contextualized, a “finished intelligence” that is “actionable” to their companies.</p>



<p class="wp-block-paragraph">That is the place human intelligence experts and threat hunting teams become possibly the most important factor. These experts recognize a different sort of threat than those distinguished by big data and AI tools. If machine devices exceed expectations at identifying singular trees, human intelligence experts exceed expectations at understanding the character of the forest.</p>



<p class="wp-block-paragraph">Building up a fast feedback loop from the operations environment once again into improvement is critical. However, the challenge is gathering threat intelligence that is instant and profoundly exact. Generally, the scan and firewall “outside-in” approach produces a staggering amount of false positives that buries and devalues the real attack data.</p>



<p class="wp-block-paragraph">“Generally, an instrumentation-based “inside-out” approach has more context and improves the signal-to-noise ratio fundamentally. Obviously, just assembling better data isn’t sufficient, it needs to find good people that need it through the tools they are as of now utilizing. These incorporations are critical to an intelligence-driven security organisation.​</p>



<p class="wp-block-paragraph">A decent comprehension of threats, industry norms, and regulations can assist companies with securing their frameworks by designing and implementing risk-intelligent controls. In view of industry practices, companies should build a “defense-in-depth” approach to address known threats. This ought to include mutually reinforcing security layers that give redundancy and prevent attacks.</p>



<p class="wp-block-paragraph">It is not that human intelligence experts and threat hunting teams supplant the monitoring and detection systems. Rather, they can augment and upgrade the raw intelligence caught by these amazing machine devices. Human intelligence groups can carry insight into the translation of raw intelligence that no machine can. They can connect signs with the paste of experience and relevant comprehension, which no machine yet does.</p>



<p class="wp-block-paragraph">What enterprise security experts need is an approach to operationalize this completed threat intelligence. They need tools that can give deep understanding into the hardware, software and procedures advising the operational ecosystem regarding the enterprise, including its endpoints, networks, clouds, IoT devices, supply chains and more. In addition, they need tools that can empower them to make changes to any component in that ecosystem in a streamlined and orchestrated way.</p>



<p class="wp-block-paragraph">Better threat intelligence creates opportunities for an enterprise to mount a proactive cyber resistance, however, without an ability to operationalize that threat intelligence, the company will most likely be unable to dispatch the defense successfully ahead of time of the approaching attack. With tools to operationalize this threat data, a company can react rapidly and adequately to secure its kin, data and procedures, even its brand and reputation from any emerging cyber threat.</p>



<p class="wp-block-paragraph">Nourishing intelligence into a security operations centre (SOC) can drive threat detection and response more aggressively. A SOC can enable experts to do threat hunting and discover more signs of a breach or find how it has moved along the side and is compromising more hosts. However, adopting an intelligent-driven approach can mean experts suffocate in threat data; an average enterprise can deal with 174,000 alerts per week.</p>



<p class="wp-block-paragraph">To adapt to this unthinkable volume of information, characterizing a group’s threat analytic skills is key. However, much increasingly fundamental is the way their work is augmented via automation that resolves routine alerts and prioritises more complex alerts for talented human intercession. Augmenting human threat intelligence can go further. There’s a developing library of cyber security playbooks on threats and exploits that can deal with threat detection and response automatically, so you don’t have people doing it constantly. With the scale and speed of dangers, we should acknowledge and embrace how the core of cyber security is going to utilize more threat intelligence automation to beat our adversaries.</p>



<p class="wp-block-paragraph">Turning into a company where Cyber Threat Intelligence (CTI) drives decisions is progressively significant, as it can play a pivotal role in empowering security, vigilance, and strength. CTI ought to be supported by the collection of raw data about cyber threat indicators so as to get insights about adversaries from a wide scope of sources. These sources should be both internal and external, through automated methods, and through human interaction.</p>



<p class="wp-block-paragraph">Nonetheless, to be noteworthy, threat information should be seen in a context that is significant to the company. To this end, automation can be utilized to filter and feature data that is generally significant to important risk areas.</p>



<p class="wp-block-paragraph">The measure of information got from CTI can be faltering. Hence, analyses should incorporate statistical techniques for parsing, normalizing, and correlating findings, as well as human review. This should be led within a risk management process, built around well-defined communication and mitigation activities.</p>



<p class="wp-block-paragraph">A cyber risk management process prioritizes, analyzes, and detects a threat before, during, or after its event while indicating the correct reaction. The latter may include remediation, control updates, and the vendor or partner notification.</p>
<p>The post <a href="https://www.aiuniverse.xyz/adopting-an-intelligence-driven-approach-for-cyber-security/">ADOPTING AN INTELLIGENCE-DRIVEN APPROACH FOR CYBER SECURITY</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/adopting-an-intelligence-driven-approach-for-cyber-security/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>Adversarial artificial intelligence: winning the cyber security battle</title>
		<link>https://www.aiuniverse.xyz/adversarial-artificial-intelligence-winning-the-cyber-security-battle/</link>
					<comments>https://www.aiuniverse.xyz/adversarial-artificial-intelligence-winning-the-cyber-security-battle/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Fri, 07 Feb 2020 06:35:38 +0000</pubDate>
				<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[Machine learning]]></category>
		<category><![CDATA[Technology]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=6610</guid>

					<description><![CDATA[<p>Source: information-age.com Cybercriminals are utilising artificial intelligence to launch more effective attacks and it&#8217;s time to fight fire with fire, according to Martin Mackay, SVP, EMEA at <a class="read-more-link" href="https://www.aiuniverse.xyz/adversarial-artificial-intelligence-winning-the-cyber-security-battle/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/adversarial-artificial-intelligence-winning-the-cyber-security-battle/">Adversarial artificial intelligence: winning the cyber security battle</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source: information-age.com</p>



<p class="wp-block-paragraph">Cybercriminals are utilising artificial intelligence to launch more effective attacks and it&#8217;s time to fight fire with fire, according to Martin Mackay, SVP, EMEA at Proofpoint </p>



<p class="wp-block-paragraph">Artificial intelligence (AI) has come a long way since its humble beginnings. Once thought to be a technology that would struggle to find its place in the real world, it is now all around us. It’s in our phones, our cars, and our homes. It can influence the ads we see, the purchases we make and the television we watch. It’s also fast becoming firmly embedded in our working lives — particularly in the world of cyber security.</p>



<p class="wp-block-paragraph">The Capgemini Research Institute recently found that one in five organisations used AI cyber security pre-2019, with almost two-thirds planning to implement it by 2020. The technology is used across the board in the detection and response to cyber attacks.</p>



<p class="wp-block-paragraph">But as with any advancement in technology, AI is not only used for good. Just as cyber security teams are utilising machine learning to ward off threats, so too are bad actors weaponising the technology to increase the speed, effectiveness and impact of those threats.</p>



<p class="wp-block-paragraph">We now find ourselves in an arms race. One that we can only win by embracing this rapidly evolving technology as part of a broad, deep defence.</p>



<h3 class="wp-block-heading">Artificial intelligence in cyber security — defence</h3>



<p class="wp-block-paragraph">There’s no doubt that the cyber security industry is convinced of the worth of artificial intelligence. The AI cyber security market is already valued at $8.8 billion and expected to top $38 billion by 2026.</p>



<p class="wp-block-paragraph">What started out with fairly simple yet effective use cases, such as the email spam filter, has now expanded across every function of the cyber security team.</p>



<p class="wp-block-paragraph">Today, AI is a vital line of defence against a wide range of threats, including people-centric attacks such as phishing. Every phishing email leaves behind it a trail of data. This data can be collected and analysed by machine learning algorithms to calculate the risk of potentially harmful emails by checking for known malicious hallmarks.</p>



<p class="wp-block-paragraph">The level of analysis can also extend to scanning attached files and URLs within the body of a message – and even, thanks to a type of machine learning known as computer vision, to detecting websites that impersonate the login pages of major phishing targets.</p>



<p class="wp-block-paragraph">The same machine learning model can also be applied to other common threats such as malware – which grows and evolves over time and often does considerable damage before an organisation knows what it’s up against.</p>



<p class="wp-block-paragraph">Cyber security defences that employ AI can combat such threats with greater speed, relying on data and learnings from previous, similar attacks to predict and prevent its spread. As the technology continues to develop, so too will its prevalence within cyber security defence. Over 70% of organisations are currently testing use cases for AI cyber security for everything from fraud and intrusion detection to risk scoring and user/machine behavioural analysis.</p>



<p class="wp-block-paragraph">Perhaps the biggest benefit of AI, however, is its speed. Machine learning algorithms can quickly apply complex pattern recognition techniques to spot and thwart attacks much faster than any human.</p>



<h3 class="wp-block-heading">Artificial intelligence in cyber security — attack</h3>



<p class="wp-block-paragraph">Unfortunately, while AI is making great strides in defending against common threats, it’s making it far easier for cybercriminals to execute them too.</p>



<p class="wp-block-paragraph">Take phishing: AI has the potential to supercharge this threat, increasing the ease, speed and surface of an attack. Even rudimentary machine learning algorithms can monitor correspondence and credentials within a compromised account. Before long, the AI could mimic the correspondence style of the victim to spread malicious emails far and wide, repeating the attack again and again.</p>



<p class="wp-block-paragraph">When it comes to malware, AI can facilitate the delivery of highly-targeted, undetectable attacks. IBM’s AI-powered malware proof of concept, DeepLocker, is able to leverage publicly available data to conceal itself from cyber security tools, lying dormant until it reaches its intended target. Once it detects the target — either via facial or voice recognition — it executes its malicious payload.</p>



<p class="wp-block-paragraph">AI’s speed will also likely prove to be a major boon for cybercriminals, as it is for those of us defending against it. Machine learning could be deployed to circumnavigate and break through cyber security defences faster than most prevention or detection tools could keep up.</p>



<p class="wp-block-paragraph">And AI will not only exacerbate existing threats – it’s already creating new ones. Sophisticated machine learning techniques can mimic and distort audio and video to facilitate cyber attacks. We have already seen this technology, known as DeepFakes, in the wild. In March of this year, an unknown hacking group used this approach to defraud a UK-based energy subsidiary of over £200,000. The group impersonated the parent company’s CEO to convince the subsidiary managing director to make an urgent transfer to a Hungarian supplier. Convinced he was talking to his boss, the he complied with the request and the money was successfully stolen.</p>



<p class="wp-block-paragraph">As AI becomes ever-more convincing in its ability to ape human communication, attacks of this nature are likely to become increasingly common.</p>



<h3 class="wp-block-heading">Winning the AI arms race</h3>



<p class="wp-block-paragraph">When you find yourself in an arms race, the only way to win is to stay ahead. For the cyber security industry, this is nothing new. While the tactics and technologies may have changed, the battle to stay in front has raged for decades.</p>



<p class="wp-block-paragraph">In this latest standoff, to keep pace with AI-powered threats, we must embrace AI-powered defence. That being said, AI should not be considered the universal panacea.</p>



<p class="wp-block-paragraph">There’s no doubt that machine learning technology is both sophisticated and incredibly powerful, but it is just one piece of the puzzle.</p>



<p class="wp-block-paragraph">When it comes to successfully defending against modern cyber attacks, there is no silver bullet – AI or otherwise. A strong defence must be deep, multifaceted and, despite the ‘rise of the machines’, people-centric.</p>
<p>The post <a href="https://www.aiuniverse.xyz/adversarial-artificial-intelligence-winning-the-cyber-security-battle/">Adversarial artificial intelligence: winning the cyber security battle</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/adversarial-artificial-intelligence-winning-the-cyber-security-battle/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>The Crucial role of Cyber security and Artificial Intelligence (AI)</title>
		<link>https://www.aiuniverse.xyz/the-crucial-role-of-cyber-security-and-artificial-intelligence-ai/</link>
					<comments>https://www.aiuniverse.xyz/the-crucial-role-of-cyber-security-and-artificial-intelligence-ai/#respond</comments>
		
		<dc:creator><![CDATA[aiuniverse]]></dc:creator>
		<pubDate>Wed, 11 Dec 2019 10:11:39 +0000</pubDate>
				<category><![CDATA[Artificial Intelligence]]></category>
		<category><![CDATA[antivirus]]></category>
		<category><![CDATA[Artificial intelligence (AI)]]></category>
		<category><![CDATA[cyber security]]></category>
		<category><![CDATA[firewalls]]></category>
		<category><![CDATA[Machine learning]]></category>
		<category><![CDATA[Programming]]></category>
		<category><![CDATA[sensitive data]]></category>
		<guid isPermaLink="false">http://www.aiuniverse.xyz/?p=5566</guid>

					<description><![CDATA[<p>Source: vccircle.com Artificial intelligence (AI) is accepting the situation as a warrior against digital threats over the globe. It has gotten mainstream in military space, yet security <a class="read-more-link" href="https://www.aiuniverse.xyz/the-crucial-role-of-cyber-security-and-artificial-intelligence-ai/">Read More</a></p>
<p>The post <a href="https://www.aiuniverse.xyz/the-crucial-role-of-cyber-security-and-artificial-intelligence-ai/">The Crucial role of Cyber security and Artificial Intelligence (AI)</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Source:  vccircle.com</p>



<p class="wp-block-paragraph">Artificial intelligence (AI) is accepting the situation as a warrior against digital threats over the globe. It has gotten mainstream in military space, yet security organizations are likewise consolidating AI technologies for using deep learning to discover likenesses and differences within a data set. Organizations like Microsoft are putting 1 billion USD in AI-based organizations, for example, Open AI. In an always advancing cyber threat landscape where antivirus programming and firewalls are viewed as tools of antiquity, companies are currently searching for all the more technologically advanced methods for protecting classified and sensitive data.</p>



<p class="wp-block-paragraph">As indicated by ESG research, 29% of security experts would like to utilize AI innovation to accelerate the virus detection process. Furthermore, 27% are looking to this innovation to accelerate their incident response time. Interest for AI security stems from the complexity of code AI can analyze in a short amount of time.</p>



<p class="wp-block-paragraph">Despite the fact that AI can be useful in the cybersecurity space, for the most part, it’s not AI that is driving these solutions. As a rule, trained machine learning and AI are terms that get confounded. Where AI and machine learning differ in their capacity to think without legitimate programming. Security organizations utilize machine learning to write complex algorithms for these technologies to best identify security breaches. However, an AI system can reach new resolutions without being nourished any new algorithms or data.</p>



<p class="wp-block-paragraph">A challenge for machine learning in the security space is that malware codes are constantly changing, which implies the coders behind machine learning cybersecurity innovation should always be perfect and change algorithms to show the innovation how to detect these new codes. However, can the defenders truly stay aware of hackers? That is certainly begging to be proven wrong. This is an issue AI could understand. If a conscious machine can develop at the rate of its malware partners, we have a much better shot of defending against it.</p>



<p class="wp-block-paragraph">Disappointment by governments to take proactive measures to ensure the security of AI frameworks “is going to come back to bite us,” Omar Al Olama, minister of state for artificial intelligence for the United Arab Emirates, warned. Studies recommend one of the most noteworthy issues which lie in the destabilizing impacts of cyber weaponry, increased by AI technologies on the regional balance of power.</p>



<p class="wp-block-paragraph">Artificial intelligence has the ability to get converged with new, complex yet untried weaponry, for example, cyber offensive capabilities. This improvement is alarming as cyber offensive weapons have the ability to destabilize the equalization of military power among the leading countries. With the advent of AI and machine learning, cyberattacks have become all the more commonly available dangers for critical infrastructure like airport flight tracking, banking systems, hospital records, and programs that run the country’s basic infrastructure and nuclear reactors.</p>



<p class="wp-block-paragraph">In spite of the fact that there is no definite proof that critical infrastructure command and control systems are inclined to cyberattacks yet because of the digitization of these systems, thus the vulnerability exists. The destabilizing impact of AI cyber weaponry stays a huge matter of concern for each country. Undoubtedly, protecting against these weapons, and shielding the country’s software, hardware and private information against cyberattacks have become a vital issue for national security.</p>



<p class="wp-block-paragraph">Policymakers should intently work with technical experts to investigate, prevent and counter potential threatening uses of AI. Studies recommend that AI zero-day vulnerabilities are being made which are not openly known at this point, so it gets hard to build up its fix until its first experiment. Moreover, conducting red team exercises in the AI domain area like DARPA Cyber Grand Challenge will likewise assist better with understanding the level to do attacks and find the barriers. Present research in the public domain is restricted to white hat hackers just which is planned for utilizing machine learning to discover vulnerabilities and recommend fixes.</p>



<p class="wp-block-paragraph">As not out of the ordinary, the utilization of machine learning to advance cyber threats is developing alongside the utilization of these advancements for security and protection, explicitly while producing new malware samples. It’s anticipated that programmers will utilize these technologies to modify code in new samples dependent on how security systems identified more older diseases. This will build the lifespan of an infection in a system since it will be smaller and increasingly hard to detect.</p>



<p class="wp-block-paragraph">The speed AI is developing, won’t take a lot of time that attackers would utilize AI abilities on a mass scale. Artificial intelligence could demonstrate a cybersecurity threat in an unobtrusive manner. As AI-driven and machine learning products are set to be utilized as a major aspect of defense technique, there are chances that it could calm IT experts and employees into a false sense of security. Today AI solutions are in the experimenting stage, and complete dependence on them could be a botch.</p>
<p>The post <a href="https://www.aiuniverse.xyz/the-crucial-role-of-cyber-security-and-artificial-intelligence-ai/">The Crucial role of Cyber security and Artificial Intelligence (AI)</a> appeared first on <a href="https://www.aiuniverse.xyz">Artificial Intelligence</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.aiuniverse.xyz/the-crucial-role-of-cyber-security-and-artificial-intelligence-ai/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
