The rise of artificial intelligence (AI) is the great story of our time, thanks to the low cost of computing, storage, and off-the-shelf machine algorithms. However, cyber criminals also have access to these resources and are able to build smarter malware.
This means that the attackers of the future will be machines that think, as hackers will look for new ways to use AI to their own benefit. We will witness sophisticated attacks launched on a large scale both quickly and intelligently, with little human intervention.
As the digital economy expands, cybersecurity threats will also grow. Australian leaders know they are not fully prepared, with 60% of those surveyed recently admitting that their security strategy is more reactive than proactive. Around 90% of these leaders say there are more emerging threats than they can currently control, illustrating that the underlying IT infrastructure needs to be better equipped for the new machine age.
The challenge now is to build immunity against “bad AI”. Fighting back requires an intelligent machine that can detect threats proactively, identify stealthy malware, reconfigure network traffic to avoid attacks, inform automated software to close vulnerabilities before they are exploited, and mitigate large-scale cyberattacks with great precision.
This is the reason 60% of Australian companies are planning to use cybersecurity applications with embedded intelligence to deal with new and complex threats. Companies are already doing it—Commonwealth Bank of Australia is developing AI technology for cyber security, fraud detection, and regulatory compliance. We are heading into an era of machine-versus-machine war and the winners of this battle will be the companies that are the most prepared for action.
Four proactive approaches can help companies prepare themselves for this new battle:
1. Make security automation a core element of your enterprise IT defense mechanism. Cybersecurity attacks can occur at any time of the day and on any day of the year. Organisations cannot have security staff available 24/7, and even if they could, there would be no guarantee that nothing bad would happen.
This is precisely why security automation will be critical in the future. Although software bots can’t prevent cyberattacks from happening, they do enable a much faster response to a breach. In fact, 60% of Australian IT executives are planning to automate security infrastructure to instantly assess, verify, prioritise, and assign all incoming alerts.
This will reduce the time required to resolve underlying security incidents from the current speed of days or weeks, to a much more effective hours or even minutes. The speed of response to an attack determines the scope of damage to your critical assets. An automated infrastructure blended with AI will become the new face of consumer trust.
2. Take a quantum leap into the future with Quantum Computing. From a long-term perspective, companies must work with machine learning start-ups in the market in order to upgrade their security infrastructure, and experiment with niche technology areas such as Quantum Computing. Although still in the very early days, Quantum Computing will completely change our approach to cybersecurity.
Quantum, combined with AI, will allow us to better understand the DNA of attacks on a mathematical basis and will run complex risk models continuously. Companies are already betting on Quantum—Australia’s Westpac has claimed a stake in the Quantum Computing-based cybersecurity firm QLabs, which is planning to roll out its product to global banks. In fact, 61% of IT executives said that they would immediately adopt Quantum Computing if it was commercially available.
3. Conduct a formal risk assessment to protect critical digital assets. Data is the biggest digital asset today, and protecting it (customer data, financial data, marketing data, IP data, etc.) means protecting your business—90% of companies suffered brand damage as a result of data breach in 2016 alone.
The good news is that 53% of companies surveyed have already conducted a formal risk assessment to identify and protect their digital assets, and 45% of organisations have initiated the process. Since the Australian government introduced a new policy outlining that those businesses experiencing hacking must report to the government, it has become more critical than ever for organisations to safeguard customer data. Leveraging AI solutions to protect digital assets will become the new normal in the future.
4. Merge your business, digital, and security strategies into one. Cybersecurity is still seen as a key IT initiative in many organisations, as stated by 67% of Australian IT executives. In today’s interconnected age, business is technology, and technology is business. The time has come for a single transformation strategy that cuts across business, IT, and security.
With this approach, the entire organisation will engage in a single mission: growing an AI-led business. This doesn’t mean that business leaders will become security experts. What it means is that they will have a holistic view of how changes in security infrastructure will change their business.
Cybersecurity has already gone beyond human capabilities. As data and hybrid environments continue to grow at an exponential rate, they will create more IT infrastructure complexity, making it increasingly challenging for companies to protect their brand. We’ll possibly see much bigger and more sophisticated attacks in the future, and companies need to be prepared for them.