Today, many security conversations point to security intelligence, the detection of behavioral anomalies and the value of Artificial Intelligence (AI) in security. But is cognitive security an exaggeration, or are there actual applications currently in use? Is it only feasible for larger and more sophisticated organizations, or is it more widely available?
We hear a lot about the usefulness of AI in health diagnostics, its ability to interpret and filter large amounts of clinical trial data for overworked physicians who cannot keep up with newly produced studies, and even its ability to propose personalized treatment strategies based on the individual's DNA traits.
But cyber security is different.
Traditionally, it has been an ongoing process of incorporating common rule- and policy-based access controls into known vulnerable locations. Controls are monitored for success and to identify areas that require additional rules and policy enhancements. These are fundamental security practices that are effectively applied every day in almost every organization using similar tools, practices and skill sets. It has been the accepted, logical approach for so long – why change now?
Most organizations will tell you that they have a mature security framework and that their practice is the most effective model. Their challenges often include inadequate resources such as skills, tools, people, funding, and time to keep up with growing demand. But does their current structure really scale with the evolving threat landscape and resource trends? Are they reactive or proactive? Many organizations around the world now face challenges similar to those in the healthcare industry – challenges that can be addressed with the help of cognitive security.
What is cognitive security?
Before we move on, let's distinguish true cognitive security from basic detection of behavioral anomalies. Behavioral anomaly detection is really just table stakes for any AI solution today. You may not even need true AI to detect anomalies, because standards, rules and policies can raise such warnings.
True cognitive security, on the other hand, is interpretive and based on continuous learning that grows its comprehensive corpus of knowledge. While it certainly identifies behavioral inconsistencies, it also goes much further. A cognitive solution can conduct its own assessment of the issue at hand and develop its own hypothesis, freeing security analysts from the task of setting strict rules and pitfalls. It can provide insights that would otherwise be elusive and do so considerably faster than humans. In fact, artificial intelligence may be more correctly referred to as 'accelerated intelligence'.
Simplifying AI threat assessment
Let's look at the work a security team usually does on a daily basis. An analyst may notice a suspicious event and begin an initial assessment to determine whether to investigate or ignore the anomaly. Their initial conclusion may be based on the team's interpretation of the situation, its skills, and the tools available to it. The team can also examine an event notification from their security controls to determine if it is a false positive or a true alert. Again, it is usually up to the initial analyst to decide whether to act on or ignore an event.
During this initial decision-making process, analysts have numerous tools, channels and forums at their disposal. An analyst might try to summarize their suspicions in conversations with others, conduct consultations in technical or security forums, initiate keyword searches in traditional public search engines, or search internal repositories to analyze incident response handouts.
Consider how much time elapses during this initial screening before any remediation begins. A cognitive security solution can conduct all of this research simultaneously, examine more sources of information than a team of analysts would have available, and draw conclusions in minutes. It can also determine if an event is real, its threat source, remediation information, payload paths, and other subtle indications of a possible attack. AI can even evaluate payloads across the infrastructure and identify other users who might have received the same payload. This information is presented quickly, reducing the time required to detect and respond to incidents from days to minutes.
Accelerating the future of security
While cognitive computing technology is still in its infancy, these tools are providing real value to many organizations today, and are growing faster and smarter by the minute. The threat landscape is expanding at an unprecedented rate, and bad actors, many of whom are highly funded and well orchestrated, are also embracing the latest technologies, including AI.
Many sophisticated threat agents are investing heavily in research and development and buying illicit products anonymously with digital currencies. As a result, these malicious products are developed and deployed faster, becoming more advanced, and resilient to traditional security measures. Given this rapid development, we seem to be preparing for a future where AI-enabled security tools must interpret and respond to AI-based threats – if we are not already there.
Source: IBM SecurityIntelligence – by Michael Melore
Technology used by Safeway with the power of cognitive security:
IBM QRadar Advisor with Watson.