As the modern threat landscape continues to expand, adding artificial intelligence (AI) to a security strategy has become paramount to establishing and maintaining an effective security posture. Given the speed and complexity of modern cyberthreats and the current cybersecurity skills shortage, network security teams need the assistance of machine learning and other AI-based capabilities in order to detect, secure, and mitigate modern attacks.

 

However, it should come as no surprise that while organizations are adopting AI to bolster their security efforts, cybercriminals are also adopting of things like agile software development, automation, and machine learning to potentially leverage AI themselves to better identify and more quickly exploit network vulnerabilities.

 

Due to the growing number and variety of IoT and OT devices entering network infrastructures, cybercriminals already have the opportunity and capability to launch rapid, complex attacks that these inherently vulnerable devices as entryways into corporate networks. The potential attack capabilities posed by AI will only further compound the threats to today’s digital transformation efforts.

 

As a result, AI may soon offer the means to either successfully secure or attack the IoT – effectively creating an AI arms race between cybersecurity professionals and cybercriminals. In order to protect digital transformations and maintain rigid security posture, it’s crucial that IT teams understand recent changes in cybercriminal strategies that could lead to an AI-driven threat environment in the next few years. They also need to understand which AI capabilities they need to incorporate into their security stack now in order to maintain a consistent security posture while their network continues to evolve and expand.

 

The Shifting AI-Driven Threat Landscape
Cybercriminals have already begun leveraging automated and scripted techniques in an effort to drastically increase the speed and scale of their attacks. Thanks to these advanced capabilities, we’ve seen the volume of exploits skyrocket, rising 240 percent from Q1 to Q2 2018. This strategy is also laying the groundwork for cybercriminals to eventually adopt AI to automatically map networks, assess vulnerabilities, choose attack vectors, and conduct penetration testing in order to deploy fully-customized and automated attacks.

 

If history is any guide, as legitimate AI capabilities continue to increase in today’s networks, its adoption among cybercriminals is inevitable. Cybercriminals are undergoing their own digital transformation, and as a result, they are already leveraging things like agile development to quicken the pace of malware development to outpace manual threat analysis and outmaneuver modern security solutions. The eventual adoption of AI will accelerate this process further.

 

As a result of the dramatic progress being made by cybercriminal malware and exploit developers, it’s no longer a question of if an organization will be attacked, but when. Unfortunately, many organizations still rely on legacy point product solutions, incorporating more than 30 different isolated products into their network on average, rendering their ability to adequately detect and respond to today’s advanced attack strategies obsolete. Simply put, as the cybersecurity skills shortage continues, those relying on manual threat analysis and detection, as well as security-as-you-go strategies, will not be able to keep pace with the advanced capabilities of today’s cybercriminals.

 

The Security Risks and Challenges Introduced by IoT and OT Devices
One of the largest areas of digital transformation happening across industries is the incorporation of IoT and OT devices into corporate networks. With more than a million new devices connecting to the internet each day, there’s an explosion of IoT data, most of which is designed to move freely between devices located in physical and cloud-based network environments and across widely dispersed geographic locations. As a result, this rapidly-expanding IoT environment is increasingly difficult for cybersecurity professionals to actively secure without hindering business efficiency and processes.

 

With IoT devices predicted to make up more than a quarter of all cyberattacks by 2020, it’s crucial that network security professionals understand what a significant threat vector that IoT is, along with the unique strategies required to secure it:

 

Multi-Vendor Environments: As digital transformation efforts dramatically increase the demand for IoT and OT devices, vendors have been quick to capitalize on it. As a result, businesses and organizations across industries have now incorporated a variety of IoT devices from numerous vendors into their network infrastructure. However, the larger the multi-vendor environment, the harder it is for IT teams to account for, track, and secure each device.

 

Poor Network Visibility: One of the biggest vulnerabilities brought on by the IoT explosion is a lack of visibility into the elements operating within a network at any given time. The fact is, thousands of connected devices can potentially access a network from a myriad of locations both external and internal, including from remote offices via SD-WAN and the newly connected OT network. The challenge is that effective security posture is reliant on the ability of cybersecurity professionals to clearly identify each device, assign ownership and policy, segment them accordingly, and then actively track and monitor those devices and their applications and data even when they are highly mobile. However, when IT teams rely on manual threat analysis, detection, and mitigation, this becomes extremely difficult and often leads to unknown devices, rogue access points, and shadow IT to operate in the network undetected.

 

Headless Devices: Given the massive demand for IoT devices, cost is an issue. As a result, these devices are typically manufactured with only the bare essentials needed to ensure their functionality. In other words, these devices lack the control and visibility typically provided by a traditional user interface, making them impossible to patch or update. Even worse, an alarming number of these devices include blatant vulnerabilities, such as hard-coded back doors, that can be easily exploited if they are not appropriately protected. This provides cybercriminals with the opportunity to deploy AI-assisted attacks that can detect and compromise IoT and OT devices using emerging techniques such as swarm technology. This technology essentially turns devices into malware proxies capable of attacking networks on a large scale from within the network itself.

 

Cryptojacking Remains a Primary Concern: Given the lack of visibility and control into IoT and OT devices, they are a particularly attractive target for cryptojacking attacks that leech off these devices in order to mine cryptocurrency. In our Global Threat Landscape Report for Q2 , we saw evolving cryptojacking attacks targeting IoT and OT devices – accounting for 23 percent of malware-based attacks. Cryptojacking poses a particularly significant threat for networks that deploy OT in order to efficiently manage their operations. Should a successful cryptojacking attack slow OT efficiency down, it could seriously impact the targeted organization.

 

Leveraging Artificial Intelligence to Secure the IoT
To actively secure IoT and OT devices while mitigating the common threats targeting them, proactive IT professionals have begun to redesign their security posture to include AI as part of an integrated and automated security fabric. With artificial intelligence acting as the workhorse of network defense, cybersecurity personnel can now gain an advantage in the continuing cyberwar to secure the success of their digital transformation efforts, including IoT implementation, while maintaining their network integrity.

Specifically, AI in combination with a modern fabric-based defense provides IT teams with:

 

Comprehensive Device Visibility: Leveraging AI-assisted network access control, cybersecurity professionals can achieve clear visibility into every device accessing a network at any given time. Armed with granular device visibility, each device can be appropriately inventoried, tracked, secured, and segmented at machine speeds.

 

Unified Threat Analysis: As organizations’ digital transformation efforts continue to expand the perimeter of their networks – both physical and cloud-based – it becomes increasingly difficult to conduct threat analysis and mitigation efforts across the network at a rate that can keep pace with modern cyberthreats. With this in mind, AI provides the means for IT teams to rapidly collect the latest threat analysis data, identify vulnerabilities within their networks, and deploy those security solutions that mitigate those attacks.

 

Automated Threat Containment: Seconds matter when a network is successfully breached. The longer a network breach remains unhindered, the farther the damage can spread. This is particularly evident across the financial services, healthcare, and critical infrastructure sectors, where essential systems need to remain operational at all times, and if successfully hindered, can cost exorbitant sums of money and even the lives of employees, patients, or citizens. With AI in place, IoT and OT containment procedures can be automated, allowing infected devices to be properly segmented or taken offline before they have a chance to spread to additional areas throughout the network.

 

Final Thoughts
IoT and OT adoption is exploding as organizations across industries continue to expand their ongoing digital transformation efforts. However, cybercriminals are simultaneously expanding their capabilities, leveraging new development, deployment, and exploitation techniques to launch faster and more sophisticated attacks. Their ability to integrate AI into this process is simply a matter of time. In order to protect the success of digital transformation, and the new digital economy driving that transformation, cybersecurity personnel need to get out in front of this challenge now by leveraging AI-assisted security solutions that provide the breadth and rapid detection and response capabilities needed to keep pace with modern cybercriminals.

 


RECOMMENDED ARTICLE FOR TECHWORLD


 
Akamai Study Evaluates OTT Consumption Trends across APAC
Techworld Date Posted: 16 December 2017 4:30 PM | 295 Views
Akamai Technologies, Inc. (NASDAQ: AKAM), the world’s largest and most trusted cloud delivery platform, unveiled a study highlighting OTT (Over-the-top) video content consumption trends across six countries.. See More
 
Akamai Study Evaluates OTT Consumption Trends across APAC
Techworld Date Posted: 4:30 PM | 295 Views
Akamai Technologies, Inc. (NASDAQ: AKAM), the world’s largest and most trusted cloud delivery platform, unveiled a study highlighting OTT (Over-the-top) video content consumption trends across six countries.See More

 
PLDT, Smart Unlock Amazing Digital Experiences Powered by PH’s Fastest Network
Techworld Date Posted: 7 November 2018 3:57 PM | 260 Views
Fresh from their latest recognition as the Philippine’s fastest fixed and mobile networks, leading digital services provider PLDT Inc. and its mobile arm Smart Communications are ushering in a new wave of innovative products.... See More
 
PLDT, Smart Unlock Amazing Digital Experiences Powered by PH’s Fastest Network
Techworld Date Posted: 3:57 PM | 260 Views
Fresh from their latest recognition as the Philippine’s fastest fixed and mobile networks, leading digital services provider PLDT Inc. and its mobile arm Smart Communications are ushering in a new wave of innovative products...See More

 
Nokia 8110 Welcomes WhatsApp to the Store
Techworld Date Posted: 2 May 2019 11:05 AM | 71 Views
HMD Global, the home of Nokia phones, has announced that WhatsApp, the simple, reliable and secure messaging app, is now available on the Nokia 8110. The app can be downloaded from the Store. . See More
 
Nokia 8110 Welcomes WhatsApp to the Store
Techworld Date Posted: 11:05 AM | 71 Views
HMD Global, the home of Nokia phones, has announced that WhatsApp, the simple, reliable and secure messaging app, is now available on the Nokia 8110. The app can be downloaded from the Store. See More

 
Free Content Now Available for DRAGON BALL XENOVERSE 2
Techworld Date Posted: 23 January 2018 4:46 PM | 262 Views
BANDAI NAMCO Entertainment Asia is pleased to share details about DRAGON BALL XENOVERSE 2 as new playable characters from the Tournament of Power in Dragon Ball Super. See More
 
Free Content Now Available for DRAGON BALL XENOVERSE 2
Techworld Date Posted: 4:46 PM | 262 Views
BANDAI NAMCO Entertainment Asia is pleased to share details about DRAGON BALL XENOVERSE 2 as new playable characters from the Tournament of Power in Dragon Ball SuperSee More

 
HyperX Brings Alloy FPS RGB and Cloud Earbuds to PC and Nintendo Switch Gamers
Techworld Date Posted: 29 October 2018 5:13 PM | 164 Views
HyperX®, the gaming division of Kingston Technology, has announced the Alloy FPS RGB Mechanical Gaming Keyboard and the Cloud Earbuds are both available in Malaysia.. See More
 
HyperX Brings Alloy FPS RGB and Cloud Earbuds to PC and Nintendo Switch Gamers
Techworld Date Posted: 5:13 PM | 164 Views
HyperX®, the gaming division of Kingston Technology, has announced the Alloy FPS RGB Mechanical Gaming Keyboard and the Cloud Earbuds are both available in Malaysia.See More

 
Kaspersky Lab Industrial Cybersecurity Conference 2018 Call for Papers
Techworld Date Posted: 3 May 2018 3:42 PM | 209 Views
The growing interconnectedness of IT and operational technology (OT) systems raises new security challenges and requires the transformation of both protection technologies and the mindsets of board members, engineers and IT security teams. . See More
 
Kaspersky Lab Industrial Cybersecurity Conference 2018 Call for Papers
Techworld Date Posted: 3:42 PM | 209 Views
The growing interconnectedness of IT and operational technology (OT) systems raises new security challenges and requires the transformation of both protection technologies and the mindsets of board members, engineers and IT security teams. See More

 
ASUS Republic of Gamers Announces ROG Swift PG65 Big Format Gaming Display with NVIDIA G-SYNC at CES 2018
Techworld Date Posted: 8 January 2018 4:30 PM | 381 Views
ASUS Republic of Gamers (ROG) today announced that it will unveil the new ROG Swift PG65 big format gaming display (BFGD) with NVIDIA® G-SYNC® at CES® 2018 in Las Vegas.. See More
 
ASUS Republic of Gamers Announces ROG Swift PG65 Big Format Gaming Display with NVIDIA G-SYNC at CES 2018
Techworld Date Posted: 4:30 PM | 381 Views
ASUS Republic of Gamers (ROG) today announced that it will unveil the new ROG Swift PG65 big format gaming display (BFGD) with NVIDIA® G-SYNC® at CES® 2018 in Las Vegas.See More

 
Fortinet Offers Essential Cyber-Safety Tips Amidst Escalating Cyber-Attacks
Techworld Date Posted: 21 September 2017 1:22 PM | 564 Views
Fortinet, the global leader in high-performance cyber security solutions, warns businesses and individuals in Philippines to brace for escalating cyber-attacks as cyber-criminals expand their targets to home network devices and mobile devices. Fortinet's latest.... See More
 
Fortinet Offers Essential Cyber-Safety Tips Amidst Escalating Cyber-Attacks
Techworld Date Posted: 1:22 PM | 564 Views
Fortinet, the global leader in high-performance cyber security solutions, warns businesses and individuals in Philippines to brace for escalating cyber-attacks as cyber-criminals expand their targets to home network devices and mobile devices. Fortinet's latest...See More

 
Building Safety Must-Haves Available At WOSAS 2018
Techworld Date Posted: 13 November 2018 4:10 PM | 242 Views
Due to overwhelming public demand, WOSAS (World of Safety and Security) and WOCEE (World of Consumer Electronics Exposition) are back again this year. See More
 
Building Safety Must-Haves Available At WOSAS 2018
Techworld Date Posted: 4:10 PM | 242 Views
Due to overwhelming public demand, WOSAS (World of Safety and Security) and WOCEE (World of Consumer Electronics Exposition) are back again this yearSee More

 
From Cloud Growth to a Cloud Mess: Two Out of Three SMBs Struggle with Over-Complicated IT Infrastructure
Techworld Date Posted: 5 July 2018 2:01 PM | 389 Views
As their businesses grow, companies increasingly embrace new business tools and cloud services in an attempt to make their employees’ working lives more efficient and flexible, as well as reduce expenditures. . See More
 
From Cloud Growth to a Cloud Mess: Two Out of Three SMBs Struggle with Over-Complicated IT Infrastructure
Techworld Date Posted: 2:01 PM | 389 Views
As their businesses grow, companies increasingly embrace new business tools and cloud services in an attempt to make their employees’ working lives more efficient and flexible, as well as reduce expenditures. See More


Power by

Download Free AZ | Free Wordpress Themes