Traditional network security tools have become outdated in the face of sophisticated cyberattacks. Our cybersecurity strategies should embrace latest technologies, such as A.I. and machine learning.

For many years, traditional network security tools such as firewalls, anti-virus software, web proxies etc. have been the go-to defences for organisations. While these tools were effective to a certain extent in the past, the dramatic changes brought to the digital world by “Industry 4.0,” over the last decade, has seen a dynamic shift to the cyber-threat landscape thereby reducing the effectiveness of these traditional tools.

As we continue to embrace digital revolution in all aspects of our life, the threat to the cybersecurity landscape is only increasing with each passing day. Cybercriminals, today, are using cutting-edge technologies to launch destructive cyberattacks on large corporations that have far-reaching consequences as was seen in the case of Adobe and Equifax, and India being at the forefront of digitization has become the prime target for cyber criminals. In fact, as per the Acronis Cyber Readiness Report of 2020, India is reporting more cyberattacks than any other country in the world.

From an organisational perspective, apart from loss of critical information, financial losses, reputational damages and disruption in operations, in most cases, it becomes impossible to identify the intensity of the cyberattack, and the amount of data that was actually compromised often remains unknown. This was witnessed even recently when hackers launched attacks on multiple Indian pharmaceutical companies where, till date, there is no visibility on the degree of attack and the nature of data that was compromised.

Cybersecurity is a critical aspect for all organisations today. Unfortunately, most businesses are not adequately equipped to handle these complex cyber threats simply because they continue to rely on traditional techniques. They do not possess the high-end tools required to quickly identify and recover from threats which, if adopted, can go a long way in ensuring cybersecurity. For instance, a study conducted by Cisco in 2019 revealed that A.I. based tools can identify up to 95% of threats faced by an organisation. That being the case, for a country that thrives on information technology, it is critical that organisations transition from traditional solutions to technologically advanced solutions at the earliest.

While talking about technologically advanced solutions, organisations should start depending more on artificial intelligence (A.I.) based tools. Unlike traditional techniques that neutralize the effect of vulnerabilities only upon the identification of the same, the approach becomes very different with the aid of A.I. and machine learning enabled tools. A.I.-based systems are proactive in detecting vulnerabilities since they can analyse patterns and discover loose ends beforehand thereby enabling organisations to take preventive action before they are even affected with a security incident.

For instance, A.I. techniques like “User and Event Behavioural Analytics” can be used to analyse baseline behaviour of accounts and identify anomalous behaviour that might signal a zero-day cyberattack. This can protect organizations even before vulnerabilities are officially reported. An A.I. vendor named ‘Darktrace’ provides a software that utilises A.I. to understand the behaviour of each user, and the software automatically sends out an alert if there is a vital deviation from the normal baseline behaviour. Additionally, apart from using A.I. enabled solutions, organisations should also adopt simple measures like the use of a multi-factor authentication (M.F.A.) process to secure their systems. MFAs can help prevent some of the most common types of cyberattacks, including phishing, brute force and man-in-the-middle attacks.

It is important to remember that hackers are only becoming sophisticated by the day. It is not sufficient to simply introduce tools that ensure cybersecurity. It is equally important that organisations constantly understand the loopholes in their security systems and take measures to fix the same. For this purpose, organisations such as Tesla, Google etc. are increasingly turning to crowdsourced security measures, such as bug bounty programs, to find loopholes in their security systems, by hiring ethical hackers. In fact, many organisations are substituting their traditional penetration testing efforts with crowdsourced security measures since they offer a plethora of benefits including the ability to identify and fix vulnerabilities faster, paying for valid results rather than effort or time and varied expertise of hackers.

However, these techniques, be it A.I. enabled tools or crowdsourced security measures, can never work in isolation no matter how advanced they are. The effectiveness of the cybersecurity architecture of an organisation ultimately depends on the over-arching security model. This security model, thus, should not focus on tools that are merely reactive in nature. Instead, the overall security model should comprise of tools that prevent, predict, detect, and respond to threats in an efficient manner, and this is where the concept of adaptive security architecture comes to play.

Adaptive security, the buzz word in recent times, is an approach that analyses behaviours to protect against and adapt to threats even before they happen. Adaptive security architecture (ASA) is a concept and there are no pre-defined techniques on what constitutes ASA. Thus, organisations have the flexibility to introduce curated techniques (such as A.I.-based tools) so long as such techniques are able to predict, prevent, detect and respond to threats (elements of ASA) in a timely manner. For example, an implementation of ASA is the Emsisoft anti-malware that monitors the behaviour of all active programmes and sends out an alert if suspicious behaviour is detected. As opposed to focusing on preventive measures, ASA is built on the foundation of a more responsive, receptive and real-time outlook when protecting an organisation’s security systems.

While organisations can enforce technologically advanced protocols for ensuring cybersecurity, the role of personnel can never be ignored. Human error has a well-documented history of causing data breaches. This was seen when Equifax’s system was compromised for two whole months simply because of an oversight by the IT team. According to the UK Information Commissioner’s Office, human error was the cause of approximately 90% of data breaches in 2019. This only implies that cybersecurity is a top-down approach. Every single employee, from the CEO to the supervisor, plays an important role. That being the case, it is important that employees understand what they can do to protect the company’s digital assets, how to avoid falling for cybersecurity attacks, and who they should report potential incidents to.

On a concluding note, as India moves towards a five trillion dollar economy and with the IT sector leapfrogging through multiple stages of development faster than many western economies, there is an imminent need for organisations to invest in advanced technologies and personnel training to ensure a watertight cybersecurity architecture.

Views are personal. Bhushan is Partner and Chennai head, Shardul Amarchand Mangaldas & Co and Viswanat is Associate, Shardul Amarchand Mangaldas & Co.

The post How artificial intelligence can fight cyberattacks appeared first on Artificial Intelligence.

Big data analytics is the use of advanced analytic techniques against very large, diverse data sets that include structured, semi-structured and unstructured data, from different sources, and in different sizes from terabytes to zettabytes.

Big data is a term applied to data sets whose size or type is beyond the ability of traditional relational databases to capture, manage and process the data with low latency. Big data has one or more of the following characteristics: high volume, high velocity or high variety. Artificial intelligence (AI), mobile, social and the Internet of Things (IoT) are driving data complexity through new forms and sources of data. For example, big data comes from sensors, devices, video/audio, networks, log files, transactional applications, web, and social media — much of it generated in real time and at a very large scale.

Analysis of big data allows analysts, researchers and business users to make better and faster decisions using data that was previously inaccessible or unusable. Businesses can use advanced analytics techniques such as text analytics, machine learning, predictive analytics, data mining, statistics and natural language processing to gain new insights from previously untapped data sources independently or together with existing enterprise data.

The life of an enterprise architect is becoming busy and difficult. Before the era of big data, the enterprise architect “only” had to worry about the data and systems within their own data center. However, over the past decade there were revolutionary changes to the way information is used by businesses and how data management platforms support the information available from modern data sources.

Cloud broke down the boundaries of enterprise data centers, with applications housed and data created outside the “four walls” of an organization. This introduced a host of complexities for enterprise architects focused on security, privacy, and control. Mobile influences continued to push data outside the data center. Maintaining data flows to each of those data access points, often as tablets or mobile phones, introduced additional troubles. Incoming data from mobile devices brought new data formats and a flood of information to the enterprise architect.

These alterations in the formats and locations of systems and data created massive change for data-driven organizations who want to develop competitive advantage. That advantage may come in the form of new data sources such as device sensor logs, social media streams, and mobile device geolocation information; create new projects to take advantage of these new data sources; and establish environments with diverse data management platforms to support these efforts.]

New and Exciting Data Sources
The transformations over the past decade mandated and created a range of additional data sources, both inside and outside an organization, for enterprise architects to consider.

External data sources from third-party content, often via cloudbased providers, can change their data structure without notification to downstream organizations using that information. Event log and device sensor information also have variability based on their individual configuration and frequently come in the form of multistructured formats such as XML or JSON. Social data sources created by customers and the general public are based on textual formats and audio/video content. Both text and audio/visual are difficult to store and utilize due to the nature of the information.

Traditional relational data sources are also included in the wave of big data change, but they have their own challenges. Increasingly, the information is coming from outside the data center from third parties or cloud-based implementations of corporate data, which requires enterprise architects to seek out and learn how to utilize that information.

Business-oriented data consumers can manage their own pursuits, which can take the form of data discovery or exploratory activities to find new uses for big data sources. They can be analytical projects to align costs via cost-management activities, or advanced analytical projects to find the next set of attributes for high-revenue customers.

This is not a one-off implementation like a “spreadmart” or an unmanaged shadow IT project. Instead, it is a supervised and administered environment strategically provided to business stakeholders so they can meet their own needs while utilizing corporate assets. This may be in the form of new big data sources and platforms, and capturing valuable metadata that can be utilized across the organization.

Enterprise architects create self-service capabilities for big data. By designing and implementing application environments with configurable software components, empowering technologists through skills development, and actively sanctioning interaction between technology implementation teams and the various lines of business, enterprise architects provide environments where business stakeholders can have requirements met at the “speed of business” rather than the speed of an implementation backlog. The business can focus on how to best use new big data resources without waiting on tactical IT workflows while maintaining the implementation components for distribution and continued development across the organization.

The post Making Sense Of Big Data appeared first on Artificial Intelligence.