As cyberattacks continue to grow in complexity and sophistication, the technology and vendors that protect us from this growing threat must continually evolve to keep up. This involves a constant on-boarding of new techniques and knowledge, arming themselves with the very latest weapons.
In Australia, the Australian Competition and Consumer Commission (ACCC) recently reported that cybercrime is up 30 percent and the annual cost of cyber scams sits at around $300 million. The report also stated that of the 6,000 businesses studied, the average cost per ‘scam’ was around $10,000. The larger the organisation, the greater the amount they stand to lose.
However, since smaller businesses are at most risk – their security efforts being less sophisticated and lower-budget than larger organisations – a hit of $10,000 could easily be the difference between staying afloat and going under.
Further to the financial risk of cyber security, an enterprise facing a data breach also stands to lose the trust of their customers. The Unisys Security Index Australia 2011 revealed at the time that 85 percent of Australian customers would stop dealing with an organization if their data was breached. The ramifications of a cyberattack can spread much further than a simple loss of short-term income.
While cyber criminals constantly upgrade their systems and look for more sophisticated ways to attack a business, enterprises must be prepared and arm themselves with equally current and sophisticated technologies to counter this threat. Machine learning stands at the forefront of that arsenal.
A sophisticated and secure big data analytics platform can look at patterns of online behaviour, analyse points of weaknesses or threats, and serve to rectify these areas before they become a salient point in a company’s defence strategy. Finding and understanding a pattern of attack can provide crucial information about when, where, and how attacks will occur, and machine-driven pattern finding is making big inroads into countering hostile behaviours.
Advanced security service providers and vendors are constantly conducting research to find patterns of attack by cyber criminals, sharing results with the larger community in an effort to curb hostile cyber behaviour. This means getting into the details of the pattern concept by analysing what the pattern of attack looks like, how they can be captured, and what makes them effective.
There are countless machine-driven methods for deriving these patterns and many are specifically designed to find the best divisions between classes of behaviour. Graph-based modelling, for instance, allows behaviours to be compared in terms of their overall nature, sequence learning is a way of divulging where attacks may come from – looking at sequences that are highly correlated with particular outcomes, and clustering can be used to find common classes of applications.
These approaches serve to find patterns of threatening or suspicious online behaviour, improve the patterns previously found and analysed, and apply those patterns broadly. This way, an analysis and threat detection method can be inherently more sophisticated than the original threat itself, effectively nullifying the danger to an organisation.
Machine learning can provide a crucial advantage in the game of cat-and-mouse between attackers and defenders, finding patterns that are not intuitive to humans. If a security service provider can keep attackers guessing about how they are being detected, they will be forced to waste resources trying to evade detection, until attacking is no longer an attractive proposition.