Presented by Darktrace
Cybersecurity today is in a state of continuous growth and improvement. In this on-demand webinar, learn how two organizations are using a continuous AI feedback loop to identify vulnerabilities, strengthen defenses, and improve the results of their cybersecurity programs.
Watch for free on demand here.
The security risk landscape is changing and the traditional approach to on-premises cybersecurity is no longer sufficient. Remote working has become the norm, and outside the office walls, employees are abandoning their personal security defenses. Cyber risks introduced through the supply chain via third parties continue to be a major vulnerability. Organizations therefore need to think about not only their own defenses, but also those of their vendors to protect their priority assets and information from infiltration and exploitation.
And that’s not all. The ongoing conflict between Russia and Ukraine has provided more opportunities for attackers, and social engineering attacks have increased tenfold and become increasingly sophisticated and targeted. Both play on the fears and uncertainties of the general population. Many security industry experts have warned of future threat actors leveraging AI to launch cyberattacks, using intelligence to optimize routes and accelerate their attacks across the world. digital infrastructure of an organization.
“In the modern security climate, organizations must accept that there is a high likelihood that attackers could breach their perimeter defenses,” said Steve Lorimer, privacy and information security manager at Hexagon. “Organizations need to focus on improving their security posture and preventing business interruption, which is known as cyber resilience. You don’t have to win every battle, but you must win the most important ones.
ISOs should look for cybersecurity options that alleviate some resource issues, add value to their team, and reduce response time. Self-learning AI trains using unlabeled data. Autonomous Response is a technology that calculates the best action to take to contain attacks in progress at machine speed, preventing attacks from spreading across the enterprise and disrupting critical operations. And both become essential for a security program to meet these challenges.
Why self-learning AI is essential in the new cybersecurity landscape
Attackers are constantly innovating, transforming old attack patterns into new ones. Self-learning AI can detect when something in an organization’s digital infrastructure changes, identify behaviors or patterns that haven’t been seen before, and act to quarantine the potential threat before it does. escalates into a full-fledged crisis, disrupting operations.
“It’s about creating layers at the end of the day,” adds Lorimer. “AI will always be a supporting element, not a substitute for human teams and knowledge. AI can empower human teams and ease the burden. But we can never rely entirely on machines; you need the human element to make intuitive decisions and the emotional reactions to influence bigger business decisions.
The Benefits of Autonomous Response
Often, cyberattacks start slowly; many take months to go from reconnaissance to penetration, but the most important elements of an attack happen very quickly. Autonomous Response unleashes the ability to react at machine speed to identify and contain threats within this short window.
The second key benefit of Autonomous Response is that it allows for an “always on” defense. Even with the best of intentions, security teams will always be constrained by resources. There aren’t enough people to defend everything all the time. Organizations need a layer that can augment the human team, giving them time to think and react with crucial human context, like business acumen and strategy. Autonomous response capabilities allow AI to make decisions instantly. These micro-decisions give human teams enough time to make these macro-decisions.
Next Level: Take Advantage of Attack Path Modeling
Once an organization has matured its thinking to the point of suspected breach, the next question is to understand how attackers are traversing the network, Lorimer says. Now, AI can help companies better understand their own systems and identify the riskiest paths an attacker could take to reach their crown jewels or most important information and assets.
This attack simulation allows them to build up defenses around their most vulnerable areas, Lorimer explains. And self-learning AI is really about paradigm shifting: instead of building defenses based on historical attack data, you need to be able to defend against new threats.
Attack Path Modeling (APM) is a breakthrough technology because it allows organizations to map paths where security teams may not have as much visibility or may not have initially been considered vulnerable. The network is never static; a large modern and innovative company in constant evolution. Thus, APM can operate continuously and alert teams to new attack paths created through new integrations with a third party or a new device joining the digital infrastructure.
“This continuous AI-powered approach allows organizations to continuously strengthen their defenses, rather than relying on semi-annual or even rarer red team drills,” says Lorimer. “APM enables organizations to proactively patch network vulnerabilities.
Choose a cybersecurity solution
When choosing a cybersecurity solution, there are a few things ISOs should look for, says Lorimer. First, the solution must increase human teams without creating substantial additional work. Technologies must be able to increase the value an organization delivers.
ISOs should also seek to repair any significant technology overlap or gaps in their existing security stacks. Today’s solutions can replace much of the existing stack with better, faster, more optimized, more automated, and technology-driven approaches.
Beyond the technology itself, ISOs should look for a vendor that adds human expertise and contextual analysis on top.
“For example, Darktrace’s Security Operations Center (SOC) and Ask the Expert services allow our team at Hexagon to gather insights into their global fleet, partner community, and entire customer base,” says Lorimer. . “Darktrace works with companies across all industries and geographies, and this context allows us to understand threats and trends that may not have had an immediate impact on us yet.”
Hexagon operates in two key industry sectors: manufacturing and software engineering. Thus, each facet of the business faces different and specific threats from different threat actors. Darktrace’s SOC offers insights from experts and analysts in the wider industry based on their wealth of knowledge.
But even with the best tools, you can’t fix every problem. You need to focus on fixing issues that will truly affect your ability to deliver to your customers and, therefore, your bottom line. You need to establish controls that can help manage and reduce this risk.
“It’s all about tackling problems before they escalate and mapping the potential consequences,” says Lorimer. “It all comes down to understanding the risks to your organization. »
For more insight into today’s threat landscape and to learn more about how AI can transform your cybersecurity program, don’t miss this VB On-Demand event!
Watch for free on demand here.
You will learn more about:
- Protect and secure citizens, nations, facilities and data with empowered decision-making
- Apply continuous AI feedback systems to improve results and strengthen safety systems
- Simulate real-world scenarios to understand attack paths adversaries can exploit against critical assets
- Merge the physical and digital worlds to create intelligent infrastructure security
- Nicole EaganChief Strategy Officer and AI Officer, Darktrace
- norbert hankeExecutive Vice President, Hexagon
- mike beckGlobal CISO, Darktrace
- Steve LomerGroup Privacy and Information Security Officer, Hexagon
- Chris PremiersbergerModerator, Contributing Author, VentureBeat