Organizations across the globe invested more than $114 billion in cybersecurity products and services in 2018, according to Gartner, in an effort to thwart breaches of consumers’ personally identifiable information (PII), company IP, and partner data.
Better security also allows companies to avoid penalties under GDPR, class action lawsuits, and more. While the Identity Theft Resource Center found the total number of data breaches decreased from 1,632 reported incidents in 2017 to 1,244 in 2018, the amount of records exposed greatly increased from 197.6 million in 2017 to 446.5 million in 2018. Despite heavy investments in information security products and services, enterprises continue to struggle to neutralize cybercriminals’ unending appetite for data.
The rampancy and success of threat actors can be attributed in part to digital transformation. Digital transformation leads to an exponential increase in the size of the corporate attack surface and generates far too many security alerts across all users, devices, applications and other IT assets. To assist in identifying and prioritizing these security alerts, enterprises turn to artificial intelligence (A.I.).
Organizations increasingly adopt A.I.-powered cybersecurity products to develop insights that would otherwise be impossible for humans to identify. A.I.-powered solutions flag anomalies, speed up detection, and improve the overall efficiency and effectiveness of modern security. In fact, 61 percent of enterprises say they cannot detect breach attempts without the use of A.I., and 48 percent of companies plan on increasing their budgets for A.I. in cybersecurity by an average of 29 percent in FY2020, according to Capgemini’s recent A.I. report.
Security analysts leverage A.I. systems to identify patterns that lead to potential threats—something that is often missed by conventional cybersecurity software. Analysts are often overwhelmed with security alerts from their company’s network, and A.I. not only streamlines the identification of gaps, but it can prioritize them based on criticality.
A.I.-powered cybersecurity solutions have several different benefits for different cybersecurity use-cases in any enterprise:
On the individual identity level…
A.I. can monitor user actions across devices and applications, remember user-specific information about their devices, track behavioral biometrics, keystroke patterns, and more. Micro-behavior of risky activity can be analyzed to flag breaches before damage is done.
On a network level…
Companies focus on monitoring the perimeter for anomalous packets and can track assets to identify unusual communication lines with external entities.
On the application level…
Run-time application self-protection security is a new approach where services can automatically detect and fix vulnerabilities, identify malicious activity, and provide defense mechanisms. Just as identities are seen as dynamic entities with changing behavioral patterns, so are applications that interact with the rest of the platform.
These trends in A.I. systems are improving the cybersecurity space by adding additional layers of security, while simultaneously reducing user friction by removing unnecessary steps in the authentication process.
Opportunities directly correlate with risk. As companies continue to undergo digital transformation and adopt new technologies, processes and people, the chances that a company can be breached through any new attack vectors increases. This makes the application of A.I. in cybersecurity imperative to defeating bad actors, not just a suggested tool. No industry is safe from cyberattacks, and cybercriminals show no sign of slowing down.
Ivaylo Bahtchenvanov is the head of data science at ForgeRock, a platform provider of digital identity management solutions. Previously, Ivaylo co-founded Frontier Data Science and worked in data science at Stella.ai.