By: Simeon Tassev, MD & QSA at Galix Networking Cyberspace is rapidly becoming a hostile environment in which to do business. The 2016 Global Threat Intelligence Report revealed that there were 6.2 billion cyber-attacks in 2015 alone, while the International Data Corporation predicts that by 2018, two-thirds of corporate networks will experience an Internet of Things security breach as malicious hackers continue to target business networks, systems, and devices. Their purpose? To steal data that can be exploited. This puts enormous pressure on businesses to defend their digital assets and employee devices against criminals armed with the latest technology. As hacker tools become more advanced, businesses are having to find newer, smarter ways to fight off these attacks. One way of effectively addressing cybercrime is for organisations to apply Artificial Intelligence (AI)-led security technology. By making use of AI in cyber security it becomes possible for organisations to shift the focus onto cyber attack prevention and detection, finally making security proactive and predictive instead of reactive. As rapidly as AI is becoming a growing trend, so too is the Internet of Things (IoT) expanding and as the proliferation of devices and sensors connected to the IoT continues, the sheer volume of data being created will skyrocket to an unbelievable level. [caption id="attachment_2737" align="alignleft" width="200"] Simeon Tassev, Managing Director & QSA at Galix Networking[/caption] While this data can give us valuable insight into the operational reality of what is working well within an organisation and what is not, there are a few things that organisations need to know about the benefits of AI and how to steer clear of the associated potential pitfalls to successfully prevent cyber-crime. Defining AI Realistically speaking, AI is a system or a program that has built-in algorithms designed to work out probabilities for risk materialisation, based on different types of mathematical calculations. Intelligence implies that such a system is capable of doing more than just logging and collecting information as it passes through the system. It is capable of automatically conducting certain analyses on information as it is received after which the system can then action. Previously a security system was only capable of responding with an alert trigger based on pre-defined thresholds which would then require human intervention to deal with the threat, but with AI it is now possible for the system to respond without being prompted. Businesses are already using Advanced Threat Protection systems and due to integration with other security and network entities, such a system can take action and can communicate with the firewall to initiate a block protocol in response without having to wait for a human to make the call. The benefits of leveraging AI to prevent cyber-attacks are numerous. The IoT is (and will continue) to amass huge amounts of data – the challenge lies in finding ways to analyse and identify trends in this information that produced by devices and collected by sensors connected to the IoT. Because it simply is not humanly possible for us to review and understand this volume of data, AI becomes a way for us to make sense of it all by improving the speed and accuracy of data analysis. With AI, an organization can pre-program thresholds and different parameters within the system itself to enable it to act without requiring human input. While it’s not currently possible to get levels of complete automation, if the system is intelligent enough to handle 90% of security incidents, that will go a long way to reducing time to identify threats and enable a much faster response as well.