NC1801
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
FEATUREAI<br />
AI: CLOSING THE CYBER<br />
SECURITY SKILLS GAP<br />
WE ARE FACING A MOUNTING<br />
CYBER SECURITY SKILLS CRISIS.<br />
MATT WALMSLEY, EMEA<br />
DIRECTOR AT VECTRA<br />
EXPLORES HOW TECHNOLOGY<br />
CAN PUT US BACK ON TRACK<br />
The velocity and diversity of cyberattacks<br />
is relentless and continues to<br />
grow. As businesses transform to<br />
become digital-first, the rate of innovation is<br />
surpassing some company's security<br />
capabilities as legacy systems and humanled<br />
practices fail to keep pace. Yet the<br />
challenge remains, and there is a distinct<br />
lack of skilled security professionals<br />
available to fill the gap.<br />
With a steady stream of stories dwelling on<br />
the latest data breach casualty, there is<br />
much unease concerning business security,<br />
with speculation rife across global media.<br />
With a company's reputation at risk when,<br />
rather than if a breach occurs, business<br />
leaders are starting to accept cybersecurity<br />
as a board-level issue.<br />
THE CYBERSECURITY SKILLS<br />
SHORTAGE<br />
Demand for skilled cybersecurity<br />
professionals is growing, therefore it comes<br />
as no surprise that we are facing a<br />
recruitment crisis and a significant lack of<br />
talent. The cybersecurity job market is<br />
huge, yet the amount of top talent<br />
available to fill these roles is relatively<br />
small. In fact, Frost and Sullivan reported<br />
just last year that there are more than<br />
350,000 unfillable cybersecurity jobs<br />
expected in Europe alone in the next four<br />
years. There seems to be no sign of<br />
improvement any time soon.<br />
Faced with multiple unfilled positions, as<br />
well as the challenge of retaining existing<br />
talent, Chief Information Security Officers<br />
(CISOs) need to look at alternative solutions,<br />
and these must include AI and machine<br />
learning if they are to overcome the persistent<br />
shortage of skilled people.<br />
FACING REGULATION HEAD ON<br />
As of May 2018, businesses will incur fines of<br />
20 million euros or up to four per cent of their<br />
global annual turnover, whichever is the<br />
greater, if they do not disclose a data breach<br />
to the Information Commissioners Office<br />
(ICO). The cost of this alone could force some<br />
companies out of business and into<br />
administration. To continue to innovate whilst<br />
remaining secure and effectively protecting<br />
customer data, businesses need to shift their<br />
approach from reactive to proactive if they are<br />
to better protect the value that derives from<br />
their digital data, services and reputation.<br />
Facing fresh challenges as the number and<br />
complexity of threats and attacks increases,<br />
businesses need to look at alternative<br />
approaches if they are to get ahead of the<br />
ever evolving nature of data breaches and<br />
cyber-attacks. Humans alone cannot handle<br />
the sheer volume of this intricate workload.<br />
As cybercriminals become more<br />
sophisticated, automating threat detection<br />
and response using AI, machine learning and<br />
advanced behavioural analytics will allow<br />
businesses to dramatically reduce the dwell<br />
time granted to an attacker once inside the<br />
network. It also ensures a remediated response<br />
before an attack builds itself into a high<br />
severity incident creating long-term damage.<br />
BRIDGING THE GAP WITH AI<br />
Implementing AI and machine learning<br />
technologies will help to make a considerable<br />
contribution to bridging the cyber skills gap.<br />
Too much resource is being spent with<br />
advanced cybersecurity professionals doing<br />
lower-level, mundane monitoring tasks,<br />
meaning that less time is spent on higher<br />
value artisan security tasks. Investing in<br />
security automation is increasingly a must for<br />
forward thinking organisations.<br />
By automating time-consuming attacker<br />
detection and response duties, skilled<br />
analysts can switch their focus on prevention<br />
and remediation, making the threat-hunting<br />
processes all the more efficient and effective.<br />
AI technology is also helping to increase<br />
the number of qualified cybersecurity<br />
professionals and lowering the technical<br />
barriers of entry into the profession,<br />
allowing less trained individuals to be<br />
effective on the front lines of the<br />
cybersecurity battle. As well as this, it allows<br />
existing cybersecurity professionals to move<br />
up-market and leverage AI to find more<br />
complex attack scenarios before they do<br />
harm. The next security engineer you hire<br />
could likely be an AI. NC<br />
14 NETWORKcomputing JANUARY/FEBRUARY 2018 @NCMagAndAwards<br />
WWW.NETWORKCOMPUTING.CO.UK