< Back
Blog Feed Image

Oct 29

2020

Machine Learning: The Future of Cybersecurity

By Doug Shimokawa, Senior Vice President

The pandemic has led to an unprecedented spike in data breaches and has multiplied vulnerabilities in all industries. Information Systems Security Association, a nonprofit, found a 63% increase in cyberattacks related to the pandemic, calling COVID-19 a “once-in-a-lifetime opportunity for hackers and online scammers.” Cybersecurity threats will only continue to increase. Companies should be thinking about how to aggressively and proactively manage their exposure. Below, we discuss how artificial intelligence (AI), specifically machine learning, is a key component in the modern data protection strategy. 

Businesses are facing massive surges of cyberattacks in part because remote work introduces new dangers. For example, using personal devices (that could already be compromised) to access company assets, even over a virtual private network (VPN), introduces vulnerability to the entire network. As login vetting protocols continue to change, opportunities for confusion and mistakes are created. In-house IT departments normally focused on threat detection have been redirected to remote work management, a 24/7 job in and of itself, resulting in less vigilance and more unmanaged threats.

We describe AI as a computer that can think and make decisions like a human can. Machine learning, a subset of that, refers to the idea that over time, a computer system becomes “smarter” as it collects data and “learns” from it. In the context of cybersecurity, this is a powerful proposition to mitigate risks. The traditional model is a slow process of identifying threats and then logging them to catch in the future. 

Machine learning is particularly well suited for cybersecurity and fraud management because the world of data protection is often rife with false positives, activities that might at first seem suspicious but actually are not. Some of us experience this with our credit card companies, who might flag a transaction if we are suddenly purchasing a big-ticket item in a state that, as far as our credit card company knows, we’ve never visited. 

Machine learning comes to understand the difference between a real threat and a false positive, as it collects additional data second-by-second. This is the future of computing: a machine that can learn and adapt to a dynamic environment to stay one step ahead of the attackers, not limited by known attacks seen last month or last year. 

Simply put, this protection is about flagging aberrations, the behavior that is outside the norm. For example, if we look at a person who has never accessed a file before, and notice that she suddenly sent copies to recipients outside of the organization. Protecting a company from threats requires a delicate balance between being so overly zealous that every transaction is questioned or halted (in the credit card scenario, that would get pretty annoying), and being so overly permissive that bad actors are able to sneak in.   

As one example, we are currently working with customers as they prepare to deploy Microsoft Defender, which leverages machine learning to detect and address suspicious behavior across their IT environments, from email to each workstation. To learn more about our customized solutions, contact us at pacxa.com/contact

Protecting against cybersecurity threats is a perpetual effort and companies need to be more vigilant than ever. AI and machine learning can help our customers be as proactive as possible in the weeks and months ahead. Follow us on LinkedIn for regular cybersecurity and IT insights from our team.