*By Cleber Ribas
Fifteen years ago, when Steve Jobs announced the first smartphone on the planet, few people could have imagined that, in such a short time, smart devices would transform our lives, work and society. Thanks to advances in concepts such as Artificial Intelligence (AI) and Machine Learning (Machine Learning), today we have seen an exponential increase in solutions to revolutionize everything from the way we use the TV in our homes to the productive definition of entire industrial parks. The downside is that, with so much data circulating and impacting our lives, protecting systems, equipment and identities has become an equally important and challenging task.
Of course, it must be made clear that Artificial Intelligence and Machine Learning are not, by themselves, threats to the digital security of companies and citizens. On the contrary, these concepts potentially represent an enormous field of possibilities for the construction of much more proactive and intelligent risk detection and mitigation systems. Not by chance, according to research by Gartner, around 80% of the main global companies plan to adopt, by 2025, integrated protection strategies, with plans for the implementation of solutions dedicated to the automation of processes and resources that use Artificial Intelligence and Machine Learning to make the routine of information security teams simpler and more manageable.
In fact, these technologies can be used to identify patterns and trends that can indicate malicious activities, such as network intrusions or attempts to phishing. The adoption of these innovations, therefore, makes it possible to create more effective intrusion prevention barriers, especially in a reality that has been marked by lean teams being pressured against data-centric and, at times, digitally dependent operating models.
The other side of the coin is that, while these innovations mean new opportunities, they can also be synonymous with new challenges. The cybercrime side, for example, will obviously arm itself with AI mechanisms to identify and exploit vulnerabilities in networks – which should happen, basically, from accessing user information, since Artificial Intelligence models and Machine Learning are trained with large amounts of data.
What should we do, then, to ensure the use of innovation and increase security? The answer involves a closer approach to the cybersecurity area as part of day-to-day operations. In a hyper-connected world, with more and more devices and applications being connected daily, it is essential that companies adopt measures to protect customer, process and employee data.
In other words, it's time for executive leaders to understand that it's the sum of factors that will make environments safer. And that effectively starts with implementing basic cybersecurity measures, such as implementing firewalls and antivirus on all devices, and supporting user education on how to protect themselves. In the case of digital security, it is not possible to think of the latest tool on the market without first having an infrastructure in full performance.
To minimize these risks, therefore, it is important to take appropriate cybersecurity measures, such as end-to-end protection of networks against attacks and having a clear understanding of what and where is the data that needs to be protected with priority. The true intelligence of cybersecurity in today's world begins with defining these new perimeters to be protected. The big security leap is to prevent threats from getting close to the most important assets, filtering and blocking potential malware at the root.
The correct application of these basic resources added to state-of-the-art AI and Machine Learning tools, for example, is what will facilitate data processing, as well as operations to identify anomalies, suspicious or unusual behavior and the detection and correction of vulnerabilities known.
For example, a model of Machine Learning (Machine Learning) can be trained to detect network traffic patterns that are typical of a denial of service (DoS) attack and alert system administrators to take measures to protect the system. However, you need to be realistic when implementing these features, as we cannot forget the importance of data availability and quality.
Defending against cyberattacks is a complex and multifaceted task, and must be solved through technology and effective actions to also escalate an active security mindset. It takes a combination of technical and human measures to ensure adequate cyber protection, without losing the advantages that innovations bring. Having an intelligent strategy does not only include the adoption of Artificial Intelligence or relying on the ability of machines to give accurate answers. It is also necessary to be one step ahead, leveraging opportunities and allowing people to have the confidence to overcome the challenges of the real and digital world.
*Cleber Ribas, CEO of Blockbit, a global cybersecurity company
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies