It’s Time to Infuse AI Into Your Endpoint Security Strategy
Computing and cybersecurity aren’t changing — they’ve already changed. End users have transformed the way IT works, and this means the widely accepted definition of endpoints has morphed. End users want to be connected to everything, which means virtually everything is (or can be) an endpoint today.
This has opened new possibilities for how we do business, but it has also created more opportunities for bad guys to infiltrate your system. To adapt to the way our modern, hyperconnected world operates, organizations must adopt a new endpoint security strategy built around artificial intelligence (AI) and machine learning.
End the Old Endpoint Security Strategy
The way we think about cybersecurity must shift to keep pace with the increasingly volatile threat landscape. According to Mark Barrenechea, CEO and chief technology officer (CTO) at enterprise information management provider OpenText, we have entered a new era of cognitive computing. Barrenechea spoke at the May 2018 OpenText Enfuse conference in Las Vegas, Nevada, and warned that cybercriminals are no longer after organizations’ money — they are now focused on stealing valuable data and intellectual property.
Today’s cybercriminal community is largely made up of nation-state actors and sophisticated thieves who use this information to commit other types of crime. Data weaponization is becoming increasingly common, with bad actors leveraging stolen information to blackmail executives, facilitate social engineering schemes and more.
This new generation of cybercriminals targets Internet of Things (IoT) devices, such as voice assistants, vehicles and medical devices. Traditional approaches to network security simply won’t work in this new, connected environment.
Cybersecurity currently focuses primarily on malware infections and keeping threat actors out of corporate networks. Malware isn’t going away — it remains an effective way for cybercriminals to gain access to the information they want. While firewalls, antivirus software and other perimeter defenses are still needed, they are no longer sufficient on their own.
The perimeter approach to endpoint security doesn’t address the actual theft of data or how it can be manipulated. It also fails to account for the unique needs of individual organizations. Healthcare, education and financial services, for example, all have different types of data to protect and different entry points through which customers access their networks.
Most importantly, the traditional perimeter security approach doesn’t recognize where data is located: on the endpoints.
Endpoint Security Is a Shared Responsibility
That’s a lot of endpoints to protect.
As a result of this rapid proliferation of connected devices, Barrenechea asserted during his presentation, we are all responsible for endpoint security. That means both companies and their employees have a stake in the security of all endpoints that connect to enterprise networks. However, many organizations simply lack the manpower and expertise to address this responsibility. That’s where AI and machine learning can help.
Machine vs. Machine: Redefine the Role of the Human Analyst
Cybersecurity isn’t about humans versus humans anymore. Of course, humans are still involved, but criminals are increasingly turning to machines to do their heavy lifting. On the security side, however, we still depend too heavily on the human touch. While people will always be necessary, the time has come to think of security in the context of machine versus machine.
Barrenechea advised security leaders to think of AI more as augmented intelligence — machines working with humans. Machine learning can handle the complicated algorithms necessary to defend data in today’s hyperconnected IT landscape. Practical uses for AI include facial recognition technologies and processes that ensure that the right security tools are used in the right situations. This promotes improved situational awareness and communication about potential risks. AI does the grunt work of protecting data and preventing intrusions by other machines, while human analysts act as the second line of defense, verifying the situation and putting plans into action.
Most importantly, AI can defend the data sitting on those billions of endpoints. This is another way to look at machine versus machine: Organizations already struggle to protect devices — especially employee-owned devices connecting to enterprise networks. Machine learning can provide the “manpower” to protect these endpoints.
Machine learning and AI could also be the answer to the cybersecurity skills shortage. This technology can provide the extra assistance overworked analysts need to keep networks safe. When things go wrong, AI can help teams discover and recover from advanced threats.
Information is the world’s most valuable resource, and just one event can take down an entire business. Since you can’t separate data from the device it lives on — and since the bad guys have already figured out how to infiltrate it — your endpoint security strategy must focus on data protection instead of malware. Fortunately for security teams, AI’s time as an essential cyberdefense tool has finally arrived.