AI is crucial element of security strategy in the IoT era
Machine learning and network visibility for users and internet of things devices are essential to battle threats inside the enterprise, according to a new report
Artificial intelligence (AI) is emerging as a key tool in the cyber security expert’s arsenal to fight new threats inside IT infrastructure, according to a global study produced by analysts at the Ponemon Institute and funded by Aruba, Hewlett-Packard Enterprise’s (HPE’s) networking unit.
In an age when mobility and the internet of things (IoT) are eroding traditional IT perimeters, and skilled cyber security professionals are increasingly hard to come by, the report, Closing the IT security gap with automation and AI in the era of IoT, said security teams are starting to lean on AI to help them keep on top of the fast-changing threat landscape.
The study of 4,000 security and IT professionals gathered from the Americas, Asia and Europe, looked at what makes security deficiencies so hard to fix, and what technologies and processes are needed to stay ahead of cyber criminals.
“Despite massive investments in cyber security programmes, our research found most businesses are still unable to stop advanced, targeted attacks, with 45% believing they are not realising the full value of their defence arsenal, which ranges from 10 to 75 concurrently deployed security tools,” said Ponemon chairman Larry Ponemon.
“The situation has become a ‘perfect storm’, with nearly half of respondents saying it is very difficult to protect complex and dynamically changing attack surfaces, especially given the current lack of security staff with the necessary skills and expertise to battle today’s persistent, sophisticated, highly trained and well-financed attackers.
“Against this backdrop, AI-based security tools, which can automate tasks and free up IT personnel to manage other aspects of a security programme, were viewed as critical for helping businesses keep up with increasing threat levels.”
Given the urgent need to protect data and high-value assets, systems that incorporate elements of machine learning and AI are now coming to be regarded as essential for stopping attacks that target users and the myriad IoT devices now being deployed on many enterprise networks.
Most respondents agreed that security incorporating AI would help to: reduce false alerts (68%); increase the effectiveness of their security teams (63%); provide greater investigation efficiencies (60%); and help them discover and address more quickly attacks that have got past perimeter firewalls (56%).
Read more about IoT security
- The London-based Centre for Strategic Cyber Space and Security Science is working on an internet of things security standard and has roped in participants from eight markets.
- LeanIX’s André Christ outlines six steps organisations can follow to successfully manage IoT security and assess IoT risk in the enterprise.
- Chipmaker ARM announces microprocessor aimed at improving the physical security capabilities of devices making up the internet of things.
A quarter of those who responded said they were already using some kind of AI-enabled security solution, and a further quarter said they planned to deploy such a product or service within 12 months.
The study’s findings reflect growing awareness of the gaps in security strategies created by widespread acceptance of IoT devices, with 75% of respondents saying they believed their IoT estates were insecure and two-thirds saying they had “little to no” ability to protect IoT devices from attack.
And although awareness is growing, there is still confusion, and therefore risk, over who exactly takes responsibility for IoT security, with responses ranging from CIOs and CTOs through to CISOs and even line-of-business leaders, with no clear consensus emerging from the data.
The results also highlighted the importance of adequate network visibility, and the ability to define what IoT devices are enabled to do, with 63% of respondents saying network access controls were an important part of their wider strategy, alongside more detailed information about applications, endpoints, cloud and networks.