Is Security driving the foundations of a technology strategy within a business?

I have been in on many client meetings and during the conversations around their business outcomes, one thing always at the forefront of their priorities is security. How will businesses be secured from malicious hackers? Is my data secure? Do I have a robust security posture? Is my governance around my business consistent with the same security governance??The list of questions is endless, however, the sentiments are all the same, to ensure clear security governance is in place within the realms of the corporate environment.

Network Security has changed over the years, with businesses realizing the value of data, which was around the 1950s, however, things like phone phreaking, where people tried to hijack the protocols in place that enabled potential hackers to work from a distance.?As the digital age evolved the data got more valuable and the risks got even higher, to appoint where we are at present where organisations have mitigation and detection in place such as:

• Computer forensics
• Multi-factor authentication
• Network Behavioural Analysis (NBA)
• Real-time protection
• Threat intelligence and updated automation
• Sandboxing
• Back up and mirroring
• Multi vector attacks
• Social engineering
• Web application firewalls

More recently I chaired a round table meeting with a number of senior IT stakeholders, and the title of the meeting was “How to mitigate bad actors from my network!”.?I invited Senior Stakeholders who’s responsibility is to put together a plan of mitigation, the discussion was very enlightening.

It is evident that organisations put many physical resources and money behind keeping their environments out of the glare of potential risks, for example having a number of security layers such as:

• Firewalls
• Content inspection appliances
• Endpoint Antivirus
• Proxy Servers
• And many more

The discussion went on the fact that there is much more that goes on than just those mitigating devices, as there are people whose sole task is to test and penetrate the environment that they are driving to secure, in other words employing ethical hackers, who would try to pinpoint the weaknesses within the security perimeter and put together a risk assessment and drive towards a number of security services.?We all came to a unanimous agreement that the security stack should include threat intelligence and prevention services that not only deliver the right and correct amount of risk mitigation but also provide a service that is manageable and not complex.?The few security services that we agreed on that were needed to shape the security posture are (but are not limited to):

• IDS (Intrusion Detection Systems)
• IPS (Intrusion Prevention Systems)
• Application Protection (Antivirus)
• SIEM (Security Information and Event Management)
• NAC (Network Access Control)
• Management of Security Tools
• Authorised access to physical and digital services

A number of stakeholders agreed with the above, however, the organisation was constantly building the security team with resources every year to mitigate potential bigger and wider threats and he said that it would come to the point that it will not be sustainable. Capgemini has stated that over 56% of organisations state that their cybersecurity analysts are overwhelmed.?Organisations are investigating potential automated environments to mitigate threats, and hence looking at AI (Artificial Intelligence) and Machine Learning as a potential way of mitigating threats.???

With more and more security threats, AI/Machine Learning may be the way the industry is going to mitigate ongoing threats.?The Identity Theft Resource Center stated that 2021 was the record-breaking year for data breaches exceeding 2002 by 17%.?Ransomware attacks have been increasing costing organisations around $700,000 according to Acronis.?

Capgemini has stated that 61% of companies will not be in a state to mitigate critical threats without AI and machine learning, with AI in cybersecurity to grow to $46.3 billion by 2027 according to research.

The roundtable conversation/discussion turned to how AI/Machine learning could mean for organisations, some of those were:

• Speed of detection – AI/Machine Learning can provide a much quicker way of detecting threats in seconds than a manual method and resulting in patching done quicker to mitigate any further risks.
• Improvement of security posture – AI/Machine Learning has the potential of providing a stronger proactive approach to potential threats
• Lower costs – The technology has the potential of reducing costs in the longer term
• More efficient use of resources – Reducing workloads on security personnel, without sifting through and analysis of security logs etc

Machine learning and artificial intelligence are two capabilities that could see a rise in use in cyber security. For many businesses today, the effort to prevent attacks is crucial. New technologies are therefore required to do so in a more meaningful and efficient way, driving down costs and proactively honing down on future threats.?AI and Machine Learning may be necessary to build a number of novel ways to automate the procedure.?This could be just the start of how network security could be shaped in the future, where security professionals are working hand in hand with complex environments to clearly define validate, prioritize, and analyse potential threats