Securing our connected future
Paul McEvatt, senior Cyber Threat Intelligence managerUK & Ireland at Fujitsu
In a society where connectivity is everything, our expectations of technology are constantly increasing and changing. It is estimated that there will be 20 billion connected devices by 2020, the data gathered in this IoT era is helping businesses stay relevant, understand their customers more fluently and improve various parts of their lives.
However, with more connectivity comes more risk. Cyber security is a topic everyone from CEO to consumer is aware of and concerned about. And as society becomes more digital, the threats are growing in number and complexity. New IoT vulnerabilities are surfacing every day and online services such as Shodan make it easier for cyber criminals to find a vulnerable device to hack into a network.
One area that is becoming more readily available to help developers and manufacturer’s combat this problem is machine learning and analytics. While IoT devices generate lots of data, it is the machine learning that is able to analyse it and help detect and improve weaknesses in the network and spot abnormal activity when it occurs. In short, it will be absolutely vital in the battle to secure a truly connected world, says Paul McEvatt, senior Cyber Threat Intelligence manager, UK & Ireland at Fujitsu.
Working together with humans – the hybrid approach
Humans have a huge role to play when it comes to securing a business. As part of this, security analysts trawl through computer networks for signs of intruders or insiders with malicious intent, commonly known as threat-hunting. However, this can be a time-consuming process as there are many avenues that an analyst may approach in trying to identify a problem that may not even be there. Additionally, with large amounts of data being generated and technologies being developed, this presents a hard task for experts.
Due to this, a hybrid approach also referred to as ‘attended machine learning’ where a human’s role is to work alongside machine is best to adopt here. Machine learning and AI still require humans to monitor, maintain and upgrade it.
For example, the majority of companies adopt a defence in depth approach to cyber security where a number of different technologies, from anti-virus to intrusion detection systems to firewalls will be used to protect a network. But despite the constant advancement in technology to ensure these systems are working to the best of their ability, utilising human experts ensure the burden of monitoring cyber-attacks is shared. This allows the two forces to work seamlessly together providing better results and analysis.
Cyber-security will always require a human mind and a critical eye. Similar to threat hunting, human input in collaboration with machine learning utilises both of their key attributes. This approach can enhance accuracy and more importantly incident response time ensuring any risks are acknowledged and dealt with in timely fashion.
With additional devices come more vulnerabilities
A well-known issue with cyber security is the difficulty with gauging whether a possible threat is actually malicious or not. Machine learning and AI can improve this, by learning everything about how a company’s network operates normally or how an endpoint should behave and generate an alarm when something out of the ordinary happens.
These notifications will alert companies of malicious activity and become more advanced as the activity changes, essentially ‘learning’ the traits of the attack. Its benefits don’t just stop there as a number of companies centralise this intelligence which means any company with the same technology will be updated and initiate a boost of their security defences.
Fail to plan
While machine learning and AI tools can improve threat hunting and offer support, security teams also need to be constantly learning in today’s digital world in order to stay up to date. This is why regular training is key to ensure they understand the risks associated with their business and their customer’s data. As well as this, knowledge and understanding of new regulations is vital for organisations.
With the upcoming EU GDPR, which will be implemented in 2018 and set huge requirements for businesses that handle European consumer data, it has never been more important for companies to get security right. The regulation will require businesses to report security breaches within 72 hours and if they don’t comply, could face fines up to 20 million Euros or 4% annual global turnover, whichever is higher.
With more responsibility being put on businesses when it comes to security, regulations need to be understood and following frameworks such as the Online Trust Alliance (OTA) is vital to ensure safe practice with connected devices is being adhered to. There must be a minimum security standard and framework that should be followed. Until there is a focus on security around IoT devices, the situation is unlikely to improve.
The Future
As IoT technology advances, cyber security can no longer be the afterthought. To enjoy and benefit from the advancement of IoT, businesses and consumers must take the necessary steps to ensure its being protected is essential. Education and responsibility are key and businesses and consumers must keep up to date with the constant changes in IoT and its security.
Whilst we will continue to see advancements in the technology and security of machine learning and AI, human input should not be overlooked and seen as the weakest link due to the IoT devices being brought in. The best solution for full-rounded safety is the hybrid approach with machine learning operating with humans maintaining and monitoring.
The author of this blog is Paul McEvatt, senior Cyber Threat Intelligence manager, UK & Ireland at Fujitsu
Comment on this article below or via Twitter @IoTGN