Cyber Defense eMagazine August 2020 Edition
Cyber Defense eMagazine August Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine August Edition for 2020 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, Co-founder & International Editor-in-Chief, Stevin Miliefsky, President and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
The Rising Cost of Failure<br />
How much is cybersecurity costing companies? In a recent Ponemon-Deep Instinct survey of IT and IT<br />
security practitioners, only 40% of respondents believed their budgets were sufficient for achieving a<br />
robust cybersecurity posture.<br />
These budgets are predominantly funneled into containing and remediating threats rather than preventing<br />
them – in large part because cyber staff are overwhelmed with the amount of data that they need to<br />
monitor. Yet this “assume a breach and then contain” approach comes at a big cost, with the time and<br />
money spend remediating attacks costing well into the hundreds of thousands of dollars. The value of<br />
preventing a cyber-attack ranges from $400,000 to $1.4 million, depending on the nature of the attack. If<br />
an attack is the first of its kind, it’s virtually guaranteed to succeed with absent strong preventative<br />
capabilities, and organizations stand to lose upwards of $1 million per successful attack.<br />
Subpar Solutions, Subpar Results<br />
Why are current approaches to cybersecurity proving so inadequate? Because they over-rely on the<br />
human intervention.<br />
Specifically, most AI-based cybersecurity solutions are powered by traditional machine learning (ML),<br />
which is inhibited by a number of limitations that have become substantial problems in the recent past.<br />
Chief among these limitations is data: ML models are trained on only a fraction of the available raw data,<br />
and are trained on features identified by experts.<br />
Human error, of course, also comes into play, even when highly specialized computer scientists with<br />
expertise in cybersecurity carry out ML feature engineering. These professionals excel at training ML<br />
models on known threats – but even seasoned cybersecurity professionals are unable to anticipate<br />
emerging, first-seen attacks, that are designed to be evasive. Hackers of course, understand this, which<br />
is why they now building malware that is capable of fooling ML models into classifying it as benign.<br />
Finally, there’s a limit to the size of the dataset for training ML systems before reaching learning curve<br />
saturation – the point past which the system no longer improves its accuracy.<br />
Given these limitations, ML systems struggle to detect new, previously unseen malware, while generating<br />
high rates of false positives. Just as the cost of an unprevented attack can deliver a real blow to the<br />
bottom line, the time and resources required to investigate false positives also strains security teams’<br />
resources. This, in turn, breeds a sense of “alert fatigue,” making teams more prone to error when<br />
genuine threats emerge.<br />
Simply put, AI trade-offs – not understaffed cybersecurity teams – may be one of the biggest inhibitors to<br />
achieving a resilient cybersecurity posture.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>August</strong> <strong>2020</strong> <strong>Edition</strong> 85<br />
Copyright © <strong>2020</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.