Applying Machine Learning to the Threat Spectrum
We’re pleased to be partnering with Cisco for this blog. Scroll down to download the Cisco 2018 Annual Cybersecurity ReportWith shrinking budgets and understaffed teams, cybersecurity professionals have begun to realize supplemental tools are necessary to keep pace with potential threats. In their Annual Cybersecurity Report (ACR), Cisco threat researchers share significant findings about defender behavior over the past 12 to 18 months, including the most commonly used tools and tactics.One tool gaining traction in the cybersecurity industry is machine learning. Machine learning is defined as the ability for machines to learn without being explicitly programmed. Employing mathematical techniques across huge datasets, machine learning algorithms build behavior models and use those models to make future predictions based on new data.Although the workings behind this process are complex, machine learning can help cyber security professionals analyze threats more efficiently and respond to attacks more quickly. As the cybersecurity skills gap continues to grow, it also aides in automating more menial tasks so workers can focus on serious threats.Defenders Report Greater Reliance on Machine LearningDefenders have begun turning to this advanced security technology as a means of extending their prevention and detection capabilities, as machines can learn to detect unusual patterns in traffic that might indicate malicious activity.Key findings from the Cisco 2018 Security Capabilities Benchmark Study, which have been included in the ACR, indicate that the lack of trained personnel is an obstacle to enhancing security defenses in many organizations.“Automation and intelligent tools like machine learning and artificial intelligence can help defenders overcome skills and resource gaps, making them more effective at identifying and responding to both known and emerging threats.”As security infrastructures grow in complexity, Chief Information Security Officers (CISOs) report that they are eager to add tools that use artificial intelligence and machine learning. The data found in the Benchmark Study shows that 34 percent are already completely reliant on machine learning and 32 percent are completely reliant on artificial intelligence (Figure 4).Algorithms at WorkApplying machine-learning algorithms offers practitioners a more nuanced view of user activity, flagging suspicious behavior more frequently. Although there can be some frustration over the number of false positives found initially, these should ease over time as machine learning technologies mature and become smarter at determining what is ‘normal.’Cisco researchers noted, “Machine-learning algorithms hold the promise of providing greater visibility into the cloud and user behavior. If defenders can start predicting user behavior in terms of downloads, they can save the time it might take to investigate legitimate behavior. They can also step in to stop a potential attack or data-exfiltration incident before it happens.”As machine learning technology becomes more mature, the report indicates organizations will continue to invest in tools that will provide safeguards for critical systems, such as critical infrastructure services.Many have indicated that machine learning is not the ultimate silver bullet to cybersecurity, however, for professionals looking to continuously improve their defenses and help shoulder the workload, it has become a viable option that it appears will only grow in popularity.Cisco delivers intelligent cybersecurity for the real world, helping machine-learning systems and researchers track threats across networks, data centers, endpoints, mobile devices, virtual systems, web, and email, and from the cloud, to identify root cause and scope outbreaks.
To read the complete Cisco 2018 Annual Cybersecurity Report, click here to download. Additionally, you can earn a badge and a Certificate of Completion when you pass the ACR 2018 Assessment, available here. Simply apply code ACR2018 to take the assessment free.